1 |
On Monday 05 January 2004 12:09, Tobias Weisserth wrote: |
2 |
> there is a new kernel vulnerability in the mremap system call. This |
3 |
> affects all kernels of the 2.2, 2,4 and 2.6 series with the exception of |
4 |
> 2.4.24. There is some information on this at |
5 |
> http://isec.pl/vulnerabilities/isec-0013-mremap.txt. |
6 |
|
7 |
yes, we know, see Bug 37292 |
8 |
|
9 |
> together with that do_brk() bug this is already the second major |
10 |
> exploitable bug in the gentoo-sources. Will there be a gentoo-sources |
11 |
> ebuild in Portage with the Gentoo tweaks for the 2.4.24 kernel or is it |
12 |
> better to migrate to 2.6 immediately? |
13 |
|
14 |
all kernels in portage should already be patched against do_brk() ... |
15 |
read the ChangeLog |
16 |
-mike |
17 |
|
18 |
|
19 |
-- |
20 |
gentoo-security@g.o mailing list |