Really nasty Linux security bug

Troy Engel tengel at sonic.net
Fri Oct 19 11:55:59 PDT 2001


On Fri, Oct 19, 2001 at 11:53:58AM -0700, Dustin Mollo wrote:
> 
> There are two bugs present in Linux kernels 2.2.x, x<=19 and 2.4.y, y<=9.
> The first vulnerability results in local DoS. The second one, involving
> ptrace, can be used to gain root privileges locally (in case of default
> install of most popular distributions). Linux 2.0.x is not vulnerable to the
> ptrace bug mentioned.

As a supporting helpnote, the stupid RedHat Up2Date thingy is all whack today, and https://www.rhns.redhat.com is totally screwed.  You're best to use FTP to updates.redhat.com and download the bunches of Oct. 18 dated updates.

/me returns to updating tons of machines...

-te

-- 
Troy Engel
GPG KeyID: DF3D5207



More information about the talk mailing list