[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] RE : race condition in kernel/kmod.c
- Subject: [cobalt-security] RE : race condition in kernel/kmod.c
- From: Guillaume Fortin <guillaume@xxxxxxxxxxxx>
- Date: Tue, 17 Jun 2003 15:16:49 -0400
- Organization: PenseWeb.com
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
I have that package installed. Its description does fit... But it did not
prevent the hack.
Wasn't that issue fixed with the latest Kernel release ?
Or are there several different ptrace exploits around ?
--anders
> Kernel Update C37 2.0.1
>
> HTTP: RaQ4-All-Kernel-2.0.1-2.2.16C37-III-1-2.pkg
> Posted: May 19, 2003
> Size: 4,205,939
>
> This updated kernel fixes a vulnerability in ptrace that could allow local
> users to obtain full privileges. Remote exploitation of this hole is not
> possible. For more information see: CAN-2003-0127
>
> This kernel also fixes a problem with the I2C driver where the locks were
not
> IRQ safe. This could cause problems including the system reporting false
fan
> failures, repeated raid syncs, and random reboots.