Another root exploit in 2.2, 2.4 and 2.6?

Gruffi

http://isec.pl/vulnerabilities/isec-0012-mremap.txt

fleed · l33t Joined: 28 Aug 2002 Posts: 756 Location: London

Any gentoo kernels protected?

Kid Hash · n00b Joined: 04 Jan 2004 Posts: 31

I was wondering this too
I compiled my 2.4.23_pre8-gss yesterday - are any gentoo kernels not vulnerable?

dbergst · Tux's lil' helper Joined: 25 Mar 2003 Posts: 88

pphisch · n00b Joined: 20 Apr 2003 Posts: 4 Location: Germany

i just read this on the gentoo-security mailinglist:

ecatmur · Posted: Mon Jan 05, 2004 10:35 pm Post subject:

The do_brk bug was an earlier one, that was used to compromise the Debian servers IIRC.

puke · Tux's lil' helper Joined: 05 Oct 2002 Posts: 128

Yes, do_brk is soooo last year. :lol:

pb · n00b Joined: 08 Jan 2003 Posts: 6 Location: Kielce, Poland

Here's a hotfix from Wojtek Kaniewski for <=2.4.23 kernels

plate · Posted: Tue Jan 06, 2004 11:26 am Post subject:

Look at both bug reports (mremap and rtc) for information about fixes to kernel sources in Portage. That's where all the action is until the GLSAs are published...

meyerm · Posted: Tue Jan 06, 2004 12:19 pm Post subject: GLSA

Sorry for asking a perhaps dumb question. But where can I read the newest GLSA? The forum is not quite up-to-date. Is there be some dedicated website? Or will I have to subsribe to the security ML?

plate · Posted: Tue Jan 06, 2004 2:49 pm Post subject:

gentoo-announce is the name of the mailing list. Actually, the Forums are as much up to date on Gentoo Linux Security Announcements as it ever gets. Every time a GLSA gets published it appears on the front page of the Forums, too.

meyerm · Posted: Tue Jan 06, 2004 3:07 pm Post subject:

Ah, GLSA are published only when a patch is available and already merges into the portage tree?

ddanier · Tux's lil' helper Joined: 19 May 2002 Posts: 87

updated versions of the kernel availible, but no GLSA yet

_________________
My Box said: "Install Win95 or better ..." So I installed Linux.

Endolf · n00b Joined: 02 Feb 2003 Posts: 36

Hi
They are indeed. But what confuses me is having read the patch and compared my 2.4.22-r2 kernel source it doesn't appear to be in there, but the bug log says thats where they applied it. On the other hand, 2.4.22-r3 does have it, so i'm building that instead

Endolf

pb · n00b Joined: 08 Jan 2003 Posts: 6 Location: Kielce, Poland

Endolf · n00b Joined: 02 Feb 2003 Posts: 36

Hi
Mine seem to have some slight difference, i'm not sure what it's supposed to resolve too, but ${PVR} has been replaces with 2.4.22-r2 in the r3 ebuild, i'm *guessing* ${PVR} would resolve to 2.4.22-r3 and the patch files are the r2 ones still. This doesn't explain why my r2 sources don't have the patch though, unless the r2 ebuild has been updated since I got mine (the sync to get r3 would have overwritten the r2 ebuild in this case, so I can't tell)

Endolf

Endolf · n00b Joined: 02 Feb 2003 Posts: 36

Hmm
Just checked another box that I emerge sync'd 24 hours ago, and it does indeed look like the r2 ebuild changed as the old one doesn't have the RTC or mremap patches in it, where as the one i sync'd today does, I guess that is why I don't have the patches applied to my r2 kernel that I build yesterday afternoon (GMT)

Endolf

Edit: A quick copy between boxes and I get this