Feb 10 2008, 04:21 PM
Post #1
SuperGeek | Group: The Planet Staff | Posts: 1,107 | Joined: 18-May 07 | From: Dallas, Tx | Member No.: 48,459
Be advised that Linux kernels 2.6.17 to 2.6.24.1 are vulnerable to a local root exploit. At this time, it's recommended that servers be downgraded to a non-vulnerable kernel until a patch is pushed out.
http://it.slashdot.org/article.pl?sid=08/0...57&from=rss
http://www.gossamer-threads.com/lists/linux/kernel/877192
--------------------
Tomy Durden
Customer Advocate for Remarkable Experiences
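An added example, not part of the original post and not The Planet's tooling: a shell check that classifies a `uname -r` style release string against the 2.6.17 to 2.6.24.1 range quoted above. The function names and sample strings are constructed for illustration, and the check compares version numbers only, so a distro kernel carrying a backported fix still reports in-range.

```shell
#!/bin/sh
# Added example. Range comes from the post above; names are hypothetical.
LOW="2.6.17"      # first affected release named in the post
HIGH="2.6.24.1"   # last affected release named in the post

# Keep the leading dotted number, dropping suffixes such as "-53.el5".
base_version() {
    printf '%s\n' "$1" | sed -n 's/^\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*/\1/p'
}

# Succeed when version $1 <= version $2, comparing fields numerically.
version_le() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 0
    }'
}

# Print in-range, out-of-range or unparsed for one release string.
classify_kernel() {
    v=$(base_version "$1")
    if [ -z "$v" ]; then
        echo unparsed
    elif version_le "$LOW" "$v" && version_le "$v" "$HIGH"; then
        echo in-range
    else
        echo out-of-range
    fi
}

# Constructed sample release strings, then the running kernel.
for r in 2.6.16.60 2.6.18-53.el5 2.6.24.1 2.6.24.2-gentoo "$(uname -r)"; do
    printf '%-20s %s\n' "$r" "$(classify_kernel "$r")"
done
```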
Feb 10 2008, 07:11 PM
Post #2
SuperGeek | Group: The Planet Staff | Posts: 1,107 | Joined: 18-May 07 | From: Dallas, Tx | Member No.: 48,459
If you're running a custom kernel, the patch below should work (may need to do it by hand... this works on the source from Gentoo's Portage):
fs/splice.c | 3 +++ 1 file changed, 3 insertions(+) Index: linux-2.6/fs/splice.c =================================================================== --- linux-2.6.orig/fs/splice.c +++ linux-2.6/fs/splice.c @@ -1237,6 +1237,9 @@ static int get_iovec_page_array(const st if (unlikely(!base)) break; + if (unlikely(!access_ok(VERIFY_READ, base, len))) + break; + /* * Get this base offset and number of pages, then map * in the user pages. If you're running a pre-compiled kernel... I'd suggest moving back to something before 2.6.17 until your Distro releases a patched kernel. (Be advised that The Planet does not officially support custom kernels.) -------------------- Tomy Durden
Customer Advocate for Remarkable Experiences
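Review bot: the added access_ok(VERIFY_READ, base, len) check in get_iovec_page_array leaves the loop with a bare break, the same way the !base case just above it does, so in the lines shown nothing records that a user pointer was rejected. If the function reports failure through a return value, set it to -EFAULT before the break so the caller sees a fault rather than a short or empty result. A one-line comment above the check saying that base and len must be range-checked before the user pages are mapped would also make the intent clear to the next reader.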