| 1 |
On Monday 05 January 2004 12:09, Tobias Weisserth wrote: |
| 2 |
> there is a new kernel vulnerability in the mremap system call. This |
| 3 |
> affects all kernels of the 2.2, 2,4 and 2.6 series with the exception of |
| 4 |
> 2.4.24. There is some information on this at |
| 5 |
> http://isec.pl/vulnerabilities/isec-0013-mremap.txt. |
| 6 |
|
| 7 |
yes, we know, see Bug 37292 |
| 8 |
|
| 9 |
> together with that do_brk() bug this is already the second major |
| 10 |
> exploitable bug in the gentoo-sources. Will there be a gentoo-sources |
| 11 |
> ebuild in Portage with the Gentoo tweaks for the 2.4.24 kernel or is it |
| 12 |
> better to migrate to 2.6 immediately? |
| 13 |
|
| 14 |
all kernels in portage should already be patched against do_brk() ... |
| 15 |
read the ChangeLog |
| 16 |
-mike |
| 17 |
|
| 18 |
|
| 19 |
-- |
| 20 |
gentoo-security@g.o mailing list |
Archives