Gentoo Archives: gentoo-security

From: Mike Frysinger <vapier@g.o>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] new kernel vulnerability in 2.2, 2.4 and 2.6 series
Date: Mon, 05 Jan 2004 17:57:29
Message-Id: 200401051255.11529.vapier@gentoo.org
In Reply to: [gentoo-security] new kernel vulnerability in 2.2, 2.4 and 2.6 series by Tobias Weisserth
On Monday 05 January 2004 12:09, Tobias Weisserth wrote:
> there is a new kernel vulnerability in the mremap system call. This > affects all kernels of the 2.2, 2,4 and 2.6 series with the exception of > 2.4.24. There is some information on this at > http://isec.pl/vulnerabilities/isec-0013-mremap.txt.
yes, we know, see Bug 37292
> together with that do_brk() bug this is already the second major > exploitable bug in the gentoo-sources. Will there be a gentoo-sources > ebuild in Portage with the Gentoo tweaks for the 2.4.24 kernel or is it > better to migrate to 2.6 immediately?
all kernels in portage should already be patched against do_brk() ... read the ChangeLog -mike -- gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] new kernel vulnerability in 2.2, 2.4 and 2.6 series kerin@×××××××××××××××.net