FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor


 
 
LinkBack Thread Tools
 
Old 09-17-2010, 03:39 PM
Moritz Rudert
 
Default Kernel Rootexploit

Hi everybody,
unfortunately today a new root exploit appeared.

Look at: http://sota.gen.nz/compat2/

After some tests I can say: It works on Archlinux and Ubuntu, but not on
debian.

The "bugfix" found on http://seclists.org/fulldisclosure/2010/Sep/273
does not work on Arch and Ubuntu.

The only current fix is to patch the kernel.
allspark and me built new versions of the current Arch-kernel and the
LTS-kernel.

Kernel and PKGBUILD-tar can be found on:
http://lorelei.h-ix.net/downloads/kernel26-2.6.35.4-1-x86_64.pkg.tar.gz
http://lorelei.h-ix.net/downloads/kernel26-2.6.35.4-1.src.tar.gz
http://lorelei.h-ix.net/downloads/kernel26-lts-2.6.32.21-2.src.tar.gz
http://lorelei.h-ix.net/downloads/kernel26-lts-2.6.32.21-2-x86_64.pkg.tar.gz

I will upload a new version of kernel26-vanilla to AUR later this day.

Greetings
Moritz <helios> Rudert
 
Old 09-17-2010, 03:48 PM
Thomas Bächler
 
Default Kernel Rootexploit

Am 17.09.2010 17:39, schrieb Moritz Rudert:
> Hi everybody,
> unfortunately today a new root exploit appeared.
>
> Look at: http://sota.gen.nz/compat2/
>
> After some tests I can say: It works on Archlinux and Ubuntu, but not on
> debian.
>
> The "bugfix" found on http://seclists.org/fulldisclosure/2010/Sep/273
> does not work on Arch and Ubuntu.

There's actually two holes with two exploits. This workaround is for the
'compat1' exploit - which doesn't work on Arch, unlike compat2, which
works. If I understand this right, the following three patches fix the
problems:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=36d001c70d8a0144ac1d038f687 6c484849a74de
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff&h=c41d68a513c71e35a14f66d7178 2d27a79a81ea6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=eefdca043e8391dcd7197117164 92063030b55ac

I am building a new 64 Bit kernel26 right now, but I don't know when I
can push this to the repositories, hopefully some time tonight.
 
Old 09-17-2010, 08:16 PM
Moritz Rudert
 
Default Kernel Rootexploit

On 09/17/2010 05:48 PM, Thomas Bächler wrote:
> Am 17.09.2010 17:39, schrieb Moritz Rudert:
>> Hi everybody,
>> unfortunately today a new root exploit appeared.
>>
>> Look at: http://sota.gen.nz/compat2/
>>
>> After some tests I can say: It works on Archlinux and Ubuntu, but not on
>> debian.
>>
>> The "bugfix" found on http://seclists.org/fulldisclosure/2010/Sep/273
>> does not work on Arch and Ubuntu.
> There's actually two holes with two exploits. This workaround is for the
> 'compat1' exploit - which doesn't work on Arch, unlike compat2, which
> works. If I understand this right, the following three patches fix the
> problems:
>
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=36d001c70d8a0144ac1d038f687 6c484849a74de
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff&h=c41d68a513c71e35a14f66d7178 2d27a79a81ea6
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=eefdca043e8391dcd7197117164 92063030b55ac
>
> I am building a new 64 Bit kernel26 right now, but I don't know when I
> can push this to the repositories, hopefully some time tonight.
>
Please also update kernel26-lts.

Thanks
Moritz <helios> Rudert
 

Thread Tools




All times are GMT. The time now is 05:12 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org