Big kernel hole
mobrien_12:
quote:Originally posted by Calum is NOT a moderator:
And for us normal lusers, do you think this will trickle down into the apt repositories etc. in a hurry? Or should I recompile on my own, when the rectified code appears? (actually slack slapt-get 9.1 repositories)
[ January 08, 2005: Message edited by: Calum is NOT a moderator ]
--- End quote ---
Calum, I think that the fixed kernels will get into the apt-get repositories in less than a week of new code being released.
As far as whether to build from kernel.org ASAP or wait.... that's a question of risk management.
If you have a multiuser box and you don't trust all your users (like in a University environment, for example), this hole is a freaking disaster and has to be fixed as fast as possible.
If you have remote login capabilities, such as sshd running, you still gotta worry about someone trying a brute force attack, or maybe getting a username and password from a keylogger on a compromised remote machine. You can minimize the risk by limiting access with hosts.allow or iptables. This is what I'm relying on right now.
However, I'm freaking paranoid so I'll probably go build it from source when it comes out at kernel.org.
KernelPanic:
By the way, we are fixed in the -ac tree for 2.4.28 and 2.6.
I wouldn't expect to see the mainstream repos packaging the -ac tree, Calum, but feel free to copy your config and make oldconfig.
Linus will put a long term fix into 2.6.11, but who knows when that is out. If you are running multiuser I would say compile -ac6 and test it out, because even if there's a bug it will be better than having a compromised root!
mobrien_12:
I can't see any -ac patch for the 2.4 series kernel.
The changelog for 2.4.29-rc1 doesn't mention anything about fixing this hole.
I just tested the exploit code on my older 2.4.20 kernel and cracked root. Oh fricken joy.
[ January 10, 2005: Message edited by: M. O'Brien ]
KernelPanic:
I beg your pardon, I meant 2.4.29-rc1
<snip>
Marcelo Tosatti:
o Changed VERSION to 2.4.29-rc1
o Paul Starzetz: sys_uselib() race vulnerability (CAN-2004-1235)
</snip>
[ January 11, 2005: Message edited by: Tux ]
mobrien_12:
Well, I just tested 2.4.29-rc3 (hand patched, hand compiled). I haven't been able to crack root on it yet using the sample exploit code.