[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [linux-security] another local root exploit in the Linux kernel (Mandrake)
On Mon, Oct 22, 2001 at 05:46:29PM -0700, Martin Siegert wrote:
> Topic
> =====
> Local root exploit in Linux kernel.
>
> Problem Description
> ===================
> There are two bugs in Linux kernels 2.2.x, x <= 19 and 2.4.y, y <= 10.
> The first vulnerability results in local denial-of-service (DoS) attack
> by forcing the kernel to spend almost arbitrary amount of time
> on dereferencing a single symlink.
> The second one, involving ptrace once again, can be used to gain root
> privileges locally.
>
> Affected Systems
> ================
> Linux Systems with kernels 2.2.x x <= 19 and 2.4.y, y <= 10.
>
> Solution
> ========
Mandrake released new kernel rpms.
In the following <ext> is either empty or "smp-" or "secure-".
After installing the rpms you must edit /etc/lilo.conf, run /sbin/lilo, and
reboot.
Mandrake 7.1
------------
rpm -ivh kernel-<ext>2.2.19-5.2mdk.i586.rpm
rpm -Fvh alsa-2.2.19_0.5.10b-5.2mdk.i586.rpm \
alsa-source-2.2.19_0.5.10b-5.2mdk.i586.rpm \
kernel-doc-2.2.19-5.2mdk.i586.rpm \
kernel-headers-2.2.19-5.2mdk.i586.rpm \
kernel-source-2.2.19-5.2mdk.i586.rpm \
kernel-utils-2.2.19-5.2mdk.i586.rpm \
kernel-pcmcia-cs-2.2.19-5.2mdk.i586.rpm \
reiserfs-utils-2.2.19_3.5.29-5.2mdk.i586.rpm
Mandrake 7.2
------------
rpm -ivh kernel-<ext>2.2.19-5.1mdk.i586.rpm
rpm -Fvh alsa-2.2.19_0.5.10b-5.1mdk.i586.rpm \
alsa-source-2.2.19_0.5.10b-5.1mdk.i586.rpm \
kernel-doc-2.2.19-5.1mdk.i586.rpm \
kernel-headers-2.2.19-5.1mdk.i586.rpm \
kernel-source-2.2.19-5.1mdk.i586.rpm \
kernel-utils-2.2.19-5.1mdk.i586.rpm \
kernel-pcmcia-cs-2.2.19-5.1mdk.i586.rpm \
reiserfs-utils-2.2.19_3.5.29-5.1mdk.i586.rpm
Mandrake 8.0, 8.1
-----------------
rpm -ivh kernel22-<ext>2.2.19-1mdk.i586.rpm
rpm -Fvh kernel22-source-2.2.19-19.1mdk.i586.rpm