Gentoo Archives: gentoo-security

From: Tobias Weisserth <tobias@×××××××××.de>
To: gentoo-security@l.g.o
Subject: [gentoo-security] new kernel vulnerability in 2.2, 2.4 and 2.6 series
Date: Mon, 05 Jan 2004 17:05:52

Hello everybody,

there is a new kernel vulnerability in the mremap system call. This
affects all kernels of the 2.2, 2.4 and 2.6 series with the exception of
2.4.24. There is some information on this at

Will there be a patch available in Portage? The 2.4.24 Vanilla sources
are already clean and available at but Portage is lacking

Together with that do_brk() bug this is already the second major
exploitable bug in the gentoo-sources. Will there be a gentoo-sources
ebuild in Portage with the Gentoo tweaks for the 2.4.24 kernel or is it
better to migrate to 2.6 immediately?

At the moment I am a bit at a loss on how to tell whether a kernel from
Portage, especially the gentoo-sources, is patched against these kinds of
bugs. What's the best way to enjoy a high performance yet secure Gentoo
Kernel, preferably a 2.4 series kernel? At the moment I am using the
gentoo-sources from Portage:

[ebuild   R   ] sys-kernel/gentoo-sources-2.4.22


gentoo-security@g.o mailing list