Ubuntu 8.04 and later have a default setting of 65536 in /proc/sys/vm/mmap_min_addr. When set, this issue is blocked. If your value is 0, please purge the "wine" and "dosemu" packages, and reset the value:
  sudo apt-get purge wine dosemu
  echo 65536 | sudo tee /proc/sys/vm/mmap_min_addr

On Ubuntu 6.06, we recommend the work-around detailed above. Kernels are being built shortly to address the issue directly.

** Description changed:

  Binary package hint: linux-image-2.6.15-54-server

  CVE Candidate is CVE-2009-2692

  Exploit: http://seclists.org/fulldisclosure/2009/Aug/0180.html

  Patch:
  http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98

  I ran the exploit on a fully updated dapper server installation and got
  root from a normal user account.

  Mitigated, at least against this particular posted exploit, via creating
- /etc/modprobe.d/mitigate-2692:
+ /etc/modprobe.d/mitigate-2692.conf:

  install ppp_generic /bin/true
  install pppoe /bin/true
  install pppox /bin/true
  install slhc /bin/true

** Also affects: linux (Ubuntu) Importance: Undecided Status: New
** Bug watch added: Red Hat Bugzilla #516949 https://bugzilla.redhat.com/show_bug.cgi?id=516949
** Also affects: linux (Fedora) via https://bugzilla.redhat.com/show_bug.cgi?id=516949 Importance: Unknown Status: Unknown
** Visibility changed to: Public
** Also affects: linux (Ubuntu Dapper) Importance: Undecided Status: New
** Also affects: linux-source-2.6.15 (Ubuntu Dapper) Importance: Undecided Status: New
** Also affects: linux (Ubuntu Hardy) Importance: Undecided Status: New
** Also affects: linux-source-2.6.15 (Ubuntu Hardy) Importance: Undecided Status: New
** Also affects: linux (Ubuntu Jaunty) Importance: Undecided Status: New
** Also affects: linux-source-2.6.15 (Ubuntu Jaunty) Importance: Undecided Status: New
** Also affects: linux (Ubuntu Karmic) Importance: Undecided Status: New
** Also affects: linux-source-2.6.15 (Ubuntu Karmic) Importance: Undecided Status: New
** Also affects: linux (Ubuntu Intrepid) Importance: Undecided Status: New
** Also affects: linux-source-2.6.15 (Ubuntu Intrepid) Importance: Undecided Status: New
** Changed in: linux-source-2.6.15 (Ubuntu Dapper) Status: New => Triaged
** Changed in: linux-source-2.6.15 (Ubuntu Hardy) Status: New => Invalid
** Changed in: linux-source-2.6.15 (Ubuntu Jaunty) Status: New => Invalid
** Changed in: linux-source-2.6.15 (Ubuntu Karmic) Status: New => Invalid
** Changed in: linux-source-2.6.15 (Ubuntu Intrepid) Status: New => Invalid
** Changed in: linux (Ubuntu Dapper) Importance: Undecided => Medium
** Changed in: linux (Ubuntu Hardy) Importance: Undecided => Medium
** Changed in: linux (Ubuntu Karmic) Importance: Undecided => Medium
** Changed in: linux-source-2.6.15 (Ubuntu Intrepid) Importance: Undecided => Medium
** Changed in: linux-source-2.6.15 (Ubuntu Dapper) Importance: Undecided => Medium
** Changed in: linux-source-2.6.15 (Ubuntu Karmic) Importance: Undecided => Medium
** Changed in: linux-source-2.6.15 (Ubuntu Hardy) Importance: Undecided => Medium
** Changed in: linux (Ubuntu Hardy) Status: New => Triaged
** Changed in: linux-source-2.6.15 (Ubuntu Jaunty) Importance: Undecided => Medium
** Changed in: linux (Ubuntu Karmic) Status: New => Triaged
** Changed in: linux (Ubuntu Jaunty) Status: New => Triaged
** Changed in: linux (Ubuntu Jaunty) Importance: Undecided => Medium
** Changed in: linux (Ubuntu Dapper) Status: New => Invalid
** Changed in: linux (Ubuntu Intrepid) Importance: Undecided => Medium
** Changed in: linux (Ubuntu Intrepid) Status: New => Triaged
** Changed in: linux-source-2.6.15 (Ubuntu Hardy) Importance: Medium => Undecided
** Changed in: linux-source-2.6.15 (Ubuntu Jaunty) Importance: Medium => Undecided
** Changed in: linux (Ubuntu Dapper) Importance: Medium => Undecided
** Changed in: linux-source-2.6.15 (Ubuntu Intrepid) Importance: Medium => Undecided
** Changed in: linux-source-2.6.15 (Ubuntu Karmic) Importance: Medium => Undecided

--
Local root exploit via CVE-2009-2692 (incorrect proto_ops initializations)
https://bugs.launchpad.net/bugs/413656
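
A check for the two mitigations this notification describes (a non-zero mmap_min_addr, and the modprobe.d install lines), as an added example that is not part of the original bug mail. The function names are hypothetical, and counting only *.conf files is an assumption that follows the renamed path in the description.

```shell
# Added example: paths are parameters so the checks can run on test files.
MODULES="ppp_generic pppoe pppox slhc"   # modules listed in the bug description

# mmap_min_addr_ok FILE: succeeds when FILE holds a non-zero number.
mmap_min_addr_ok() {
    value=$(cat "$1" 2>/dev/null) || return 1
    case "$value" in
        ''|*[!0-9]*) return 1 ;;   # empty or not a plain number
    esac
    [ "$value" -gt 0 ]
}

# module_blocked DIR MODULE: succeeds when a *.conf file in DIR has an
# uncommented "install MODULE /bin/true" line.
module_blocked() {
    for conf in "$1"/*.conf; do
        [ -f "$conf" ] || continue
        grep -Eq "^[[:space:]]*install[[:space:]]+$2[[:space:]]+/bin/true[[:space:]]*\$" "$conf" && return 0
    done
    return 1
}

# unblocked_modules DIR: prints the modules from MODULES that are not blocked.
unblocked_modules() {
    missing=""
    for mod in $MODULES; do
        module_blocked "$1" "$mod" || missing="$missing $mod"
    done
    echo "${missing# }"
}

# audit MMAP_FILE MODPROBE_DIR: prints findings; returns 0 if either mitigation is in place.
audit() {
    rc=1
    if mmap_min_addr_ok "$1"; then
        echo "OK: mmap_min_addr is non-zero"; rc=0
    else
        echo "WARN: mmap_min_addr is 0 or unreadable"
    fi
    missing=$(unblocked_modules "$2")
    if [ -z "$missing" ]; then
        echo "OK: listed modules are blocked"; rc=0
    else
        echo "WARN: no install-to-/bin/true line for: $missing"
    fi
    return $rc
}

# Audit the live system only when called with --live.
if [ "${1:-}" = "--live" ]; then audit /proc/sys/vm/mmap_min_addr /etc/modprobe.d; fi
```

Run with `--live` to audit the host it is executed on; without arguments the script only defines the functions.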
