Hi, it's medium because it's local-only, and is not, as you say, an issue for all Ubuntu systems -- only those with a non-default /proc/sys/vm/mmap_min_addr setting. Additionally, there are work-around available while the fix is being worked oni. Debian was more vulnerable, so they acted more quickly. The Ubuntu kernels are currently building, and we expect them to publish after they pass QA today.
-- Local root exploit via CVE-2009-2692 (incorrect proto_ops initializations) https://bugs.launchpad.net/bugs/413656 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
