Really nasty Linux security bug
Troy Engel
tengel at sonic.net
Fri Oct 19 11:55:59 PDT 2001
On Fri, Oct 19, 2001 at 11:53:58AM -0700, Dustin Mollo wrote:
>
> There are two bugs present in Linux kernels 2.2.x, x<=19 and 2.4.y, y<=9.
> The first vulnerability results in local DoS. The second one, involving
> ptrace, can be used to gain root privileges locally (in case of default
> install of most popular distributions). Linux 2.0.x is not vulnerable to the
> ptrace bug mentioned.
As a supporting helpnote, the stupid RedHat Up2Date thingy is all whack today, and https://www.rhns.redhat.com is totally screwed. You're best to use FTP to updates.redhat.com and download the bunches of Oct. 18 dated updates.
/me returns to updating tons of machines...
-te
--
Troy Engel
GPG KeyID: DF3D5207
More information about the talk
mailing list