[Kernel local DoS fix. Presumably 2.4.20 will be out shortly. You can use the -ac kernel tree in the meantime if you're vulnerable -- Raju]
This is an RFC 1153 digest. (1 message) ---------------------------------------------------------------------- Message-ID: <[EMAIL PROTECTED]> From: Leif Sawyer <[EMAIL PROTECTED]> Sender: [EMAIL PROTECTED] To: Christophe Devine <[EMAIL PROTECTED]>, [EMAIL PROTECTED], Full-Disclosure <[EMAIL PROTECTED]> Subject: [Full-Disclosure] RE: i386 Linux kernel DoS (fixed) Date: Thu, 14 Nov 2002 10:42:06 -0900 The fix for 2.4 kernels was posted today by Alan Cox: Linux 2.4.20-rc1-ac2 o Ptrace NT flag fix (Andrea Arcangeli) o lcall NT clear fixes (Petr Vandrovec) [...] > -----Original Message----- > From: Christophe Devine writes: > > Yep; the first version of the DoS I posted on bugtraq was > defective and worked only under special conditions (inside > gdb for example). [code snipped] > > At the beginning I thought only kernels <= 2.4.18 were > affected; but it appeared that both kernels 2.4.19 and > 2.4.20-rc1 are vulnerable as well. > > The flaw seems to be related to the kernel's handling of the > nested task (NT) flag inside a lcall7. > > -- > Christophe Devine > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ------------------------------ End of this Digest ****************** -- Raju Mathur [EMAIL PROTECTED] http://kandalaya.org/ It is the mind that moves ================================================ To unsubscribe, send email to [EMAIL PROTECTED] with unsubscribe in subject header. Check archives at http://www.mail-archive.com/ilugd%40wpaa.org
