[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux-security] another local root exploit in the Linux kernel (Mandrake)



On Mon, Oct 22, 2001 at 05:46:29PM -0700, Martin Siegert wrote:
> Topic
> =====
> Local root exploit in Linux kernel.
> 
> Problem Description
> ===================
> There are two bugs in Linux kernels 2.2.x, x <= 19 and 2.4.y, y <= 10.
> The first vulnerability results in local denial-of-service (DoS) attack
> by forcing  the kernel to spend almost arbitrary amount of time
> on dereferencing a single symlink.
> The second one, involving ptrace once again, can be used to gain root
> privileges locally.
> 
> Affected Systems
> ================
> Linux Systems with kernels 2.2.x  x <= 19 and 2.4.y, y <= 10.
> 
> Solution
> ========

Mandrake released new kernel rpms.
In the following <ext> is either empty or "smp-" or "secure-".
After installing the rpms you must edit /etc/lilo.conf, run /sbin/lilo, and
reboot.

Mandrake 7.1
------------

rpm -ivh kernel-<ext>2.2.19-5.2mdk.i586.rpm

rpm -Fvh alsa-2.2.19_0.5.10b-5.2mdk.i586.rpm \
         alsa-source-2.2.19_0.5.10b-5.2mdk.i586.rpm \
         kernel-doc-2.2.19-5.2mdk.i586.rpm \
         kernel-headers-2.2.19-5.2mdk.i586.rpm \
         kernel-source-2.2.19-5.2mdk.i586.rpm \
         kernel-utils-2.2.19-5.2mdk.i586.rpm \
         kernel-pcmcia-cs-2.2.19-5.2mdk.i586.rpm \
         reiserfs-utils-2.2.19_3.5.29-5.2mdk.i586.rpm

Mandrake 7.2
------------

rpm -ivh kernel-<ext>2.2.19-5.1mdk.i586.rpm

rpm -Fvh alsa-2.2.19_0.5.10b-5.1mdk.i586.rpm \
         alsa-source-2.2.19_0.5.10b-5.1mdk.i586.rpm \
         kernel-doc-2.2.19-5.1mdk.i586.rpm \
         kernel-headers-2.2.19-5.1mdk.i586.rpm \
         kernel-source-2.2.19-5.1mdk.i586.rpm \
         kernel-utils-2.2.19-5.1mdk.i586.rpm \
         kernel-pcmcia-cs-2.2.19-5.1mdk.i586.rpm \
         reiserfs-utils-2.2.19_3.5.29-5.1mdk.i586.rpm

Mandrake 8.0, 8.1
-----------------

rpm -ivh kernel22-<ext>2.2.19-1mdk.i586.rpm

rpm -Fvh kernel22-source-2.2.19-19.1mdk.i586.rpm