Hi!

JFYI, see the attachment.

Securityfocus and some other news sites have spread rumour that the
do_path() bug fixed with 2.6.16 is remotely exploitable.

It is not.

Unless you are using virtualization techniques like Virtuozzo or
Vserver (where 'root' cannot neccessarily be trusted), there is not
really any security risk caused by this bug.  Stay cool.

Cheers,
        Harald (for the netfilter core team)

-- 
- Harald Welte <[EMAIL PROTECTED]>                 http://netfilter.org/
============================================================================
  "Fragmentation is like classful addressing -- an interesting early
   architectural error that shows how much experimentation was going
   on while IP was being designed."                    -- Paul Vixie
--- Begin Message ---
Hi!

As a member of the netfilter core team, I would like to ask you to
immediately stop spreading false information about an allegeldy remotely
exploitable vulnerability that simply doesn't exist.

I don't know how you come to the conclusion at
http://www.securityfocus.com/bid/17178/discuss, that "This issue allows
remote attackers to overwrite kernel memory with arbitrary data,
potentially allowing them to execute malicious machine code in the
context of affected kernels."

The respective bug [called do_replace() bug] is in a code path that can
ONLY be executed by a local root user.  In fact, it is a bug in the
codepath for ruleset changes.

So unless you have a locally malicious root user (which could change the
ruleset anyway, and very likely load arbitrary code via kernel modules
or patch /proc/kmem), there is nothing that can be exploited.

Neither for local non-root users, not for any remote party.

Please correct information in your vulnerability data base as soon as
possible!  Your wrong assessment has already been picked up by some
other news sites, and users are starting to inquire the project about a
security threat that doesn't even exist.

Thanks in advance,
        Harald

-- 
- Harald Welte <[EMAIL PROTECTED]>                 http://netfilter.org/
============================================================================
  "Fragmentation is like classful addressing -- an interesting early
   architectural error that shows how much experimentation was going
   on while IP was being designed."                    -- Paul Vixie

Attachment: pgp6Sb4GXofka.pgp
Description: PGP signature


--- End Message ---

Attachment: pgp0eue1V2vS9.pgp
Description: PGP signature

Reply via email to