1 |
On 22/10/10 13:21, Anthony G. Basile wrote: |
2 |
> Hi all hardened users. |
3 |
> |
4 |
> On Oct. 19, a local privilege escalation exploit was found [1,2] that |
5 |
> affected hardened kernels on all architectures. For certain |
6 |
> configurations of the hardened kernel, it is possible for a local user |
7 |
> to obtain root privileges. The current Proof-Of-Concept code can be |
8 |
> frustrated by not providing symbol information via /proc/kallsyms or |
9 |
> System.map, but at this time it is unclear if other hardening |
10 |
> features such as CONFIG_PAX_MEMORY_UDEREF provide adequate protection |
11 |
> against variations of the POC which do not need symbols. |
12 |
> |
13 |
> All users are encouraged to upgrade to hardened-sources-2.6.32-r22 |
14 |
> which is currently marked stable on amd64 and x86. It is being fast |
15 |
> tracked on other archs. [3] |
16 |
> |
17 |
> hardened-sources-2.6.35-r4 is also not vulnerable, but cannot be |
18 |
> stabilized yet because of a bug in dhcp which also affects |
19 |
> gentoo-sources-2.6.35-r4. [4] For those who want kernels > .32 and |
20 |
> can live with the minor bug, you can safely use |
21 |
> hardened-sources-2.6.35-r4. |
22 |
> |
23 |
> Later this week, all ebuild for vulnerable kernels will be removed |
24 |
> from the tree, except for hardened-sources-2.6.34-r6 |
25 |
> hardened-sources-2.6.32-r9 and hardened-sources-2.6.28-r9. These will |
26 |
> be kept for continuity. |
27 |
> |
28 |
> |
29 |
> Ref: |
30 |
> |
31 |
> [1] http://www.vsecurity.com/resources/advisory/20101019-1/ |
32 |
> |
33 |
> [2] http://bugs.gentoo.org/show_bug.cgi?id=341801 |
34 |
> |
35 |
> [3] http://bugs.gentoo.org/show_bug.cgi?id=341915 |
36 |
> |
37 |
> [4] http://bugs.gentoo.org/show_bug.cgi?id=334341 |
38 |
> |
39 |
|
40 |
Just to verify: if I understand |
41 |
https://bugs.gentoo.org/show_bug.cgi?id=341801 correctly, a secure |
42 |
replacement for (stable) hardened-sources-2.6.34-r6 on amd64 will not be |
43 |
stabilized within a month, as it is awaiting baselayout-2 stabilisation |
44 |
(offtopic: w00t). Or I'd need to downgrade to 2.6.32. |
45 |
|
46 |
For people running baselayout-2 already, there is no reason not to add |
47 |
hardened-sources-2.6.35-r4 to package.keywords and upgrade? |
48 |
|
49 |
-- |
50 |
Regards, |
51 |
Tom |