[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] race condition in kernel/kmod.c
- Subject: Re: [cobalt-security] race condition in kernel/kmod.c
- From: Anders <andersb@xxxxxxxxxxx>
- Date: Tue, 17 Jun 2003 15:01:29 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Guillaume Fortin wrote:
> I had someone using this exploit last week-end on one of my RaQ4i...
> http://www.securiteam.com/unixfocus/5FP0A2K9GQ.html
>
> using a script from « snooq » :
> http://www.angelfire.com/linux/snooq/
Wasn't that issue fixed with the latest Kernel release ?
Or are there several different ptrace exploits around ?
--anders
> Kernel Update C37 2.0.1
>
> HTTP: RaQ4-All-Kernel-2.0.1-2.2.16C37-III-1-2.pkg
> Posted: May 19, 2003
> Size: 4,205,939
>
> This updated kernel fixes a vulnerability in ptrace that could allow local
> users to obtain full privileges. Remote exploitation of this hole is not
> possible. For more information see: CAN-2003-0127
>
> This kernel also fixes a problem with the I2C driver where the locks were not
> IRQ safe. This could cause problems including the system reporting false fan
> failures, repeated raid syncs, and random reboots.