heads up: CVE-2008-0600 kernel root exploit
This has a trivially-available local root exploit code, and is already
generating a bit of community panic. I expect we'll be seeing an update RSN. <https://bugzilla.redhat.com/show_bug.cgi?id=432251> -- Matthew Miller mattdm@mattdm.org <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel |
heads up: CVE-2008-0600 kernel root exploit
It actually made my 2.6.18-53.1.4.el5 x86 box panic.
Josh ________________________________ From: centos-devel-bounces@centos.org on behalf of Matthew Miller Sent: Sun 2/10/2008 5:54 PM To: The CentOS developers mailing list. Subject: [CentOS-devel] heads up: CVE-2008-0600 kernel root exploit This has a trivially-available local root exploit code, and is already generating a bit of community panic. I expect we'll be seeing an update RSN. <https://bugzilla.redhat.com/show_bug.cgi?id=432251> -- Matthew Miller mattdm@mattdm.org <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel |
heads up: CVE-2008-0600 kernel root exploit
On Sun, 2008-02-10 at 19:17 -0600, Baird, Josh wrote:
> It actually made my 2.6.18-53.1.4.el5 x86 box panic. I also had a panic on the 2 boxes I tested the exploit with. x86 VMware guest running 2.6.18-53.1.6.el5 x86_64 server running 2.6.18-53.1.6.el5 (SMP) -- Jethro Carr www.jethrocarr.com www.jethrocarr.com/index.php?cms=blog _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel |
heads up: CVE-2008-0600 kernel root exploit
On Sun, Feb 10, 2008 at 07:17:27PM -0600, Baird, Josh wrote:
> It actually made my 2.6.18-53.1.4.el5 x86 box panic. Yeah, me too. So that's arguably less severe, but still no good. -- Matthew Miller mattdm@mattdm.org <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel |
heads up: CVE-2008-0600 kernel root exploit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 dzickus' testing kernel .78 seems to solve both this and .6's nfs issues - however we're seeing about 50% stability with it: one machine works fine, one crashed twice in 4 days. /Bent -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: http://firegpg.tuxfamily.org iQIVAwUBR6/LnoyMFfRCAeEGAQJL5hAAlNAxwttZ3qCQvGHiYl9sG0H+umWDY mWN RqfU3FgiixHalbiYNfR3XpCspfjYVFxGxafb3UvNRJEnxCQylZ JkeACJ9hJVRpyY BNs0srtmY0WxxslXXIhY72gP2dK4V1OgHlEiz3ArK9FZHmgcxk Bxbm9b79FOVRae Ou1Iir0Qis6E1oLFdZJfHwme00zdfzIsg8iN04Xwu/DbuqlF3gBdpN+Dy8pe0GV3 3oIj0Arq1R6+8JEAQOFzUDTOKPX2QKJyzI2gLXpodXfpdFrBoq 8PusGEm+ppNOZi iFhoXzeeS1tcSjwJBjWiiDI09UuuFHhZZe2iKWzjPKEc62AfU+ 7eqZFQdTfa4OBK 3Bk7lu7ojPQ2io0gA4cFFMgD3OLqKpmMmZBllWYsNOrFWiIARz R0Kb+PoNF3VReG 6lpp/QfdNeoeCDpd6GVJOZsss2Ggf0ZRf8JwVvGwrgqcmsoFV/QdTx34FwPGZt7l +tQiJKfGXUh9wn2dERyEKR4uPXg4uFajat0Qk1MGzjc0mnO09I wxMR90/0jsvArE skaQn/aSRiGsyblhKISl9O5vYzIJNCyWnIfKLFevZG+Vj0r7sIRXW/WJgaOxVnUE ndtaVH8m3Q7mYbLzJl4MmofMjrGfvAijiGNIPvdS29Ixa1sg7a pRmDl1i9StfK+7 +Tr4BG+QZ1k= =JC+v -----END PGP SIGNATURE----- _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel |
heads up: CVE-2008-0600 kernel root exploit
On Sun, 10 Feb 2008, Matthew Miller wrote:
On Sun, Feb 10, 2008 at 07:17:27PM -0600, Baird, Josh wrote: It actually made my 2.6.18-53.1.4.el5 x86 box panic. Yeah, me too. So that's arguably less severe, but still no good. A tweak of the exploit will make it work on x86_64 rather than cause kernel panic (https://bugzilla.redhat.com/show_bug.cgi?id=432251#c23). Proposed patch is already in upstream bug tracker (https://bugzilla.redhat.com/show_bug.cgi?id=432251#c6) diff -urN linux-2.6.18.x86_64/fs/splice.c linux-2.6.18.x86_64-fix/fs/splice.c --- linux-2.6.18.x86_64/fs/splice.c 2008-02-10 11:08:19.000000000 -0500 +++ linux-2.6.18.x86_64-fix/fs/splice.c 2008-02-10 11:31:06.000000000 -0500 @@ -1154,6 +1154,9 @@ if (unlikely(!base)) break; + if (unlikely(!access_ok(VERIFY_READ, base, len))) + break; + /* * Get this base offset and number of pages, then map * in the user pages. _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel |
| All times are GMT. The time now is 06:32 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.