| 1 |
Hello everybody, |
| 2 |
|
| 3 |
there is a new kernel vulnerability in the mremap system call. This |
| 4 |
affects all kernels of the 2.2, 2,4 and 2.6 series with the exception of |
| 5 |
2.4.24. There is some information on this at |
| 6 |
http://isec.pl/vulnerabilities/isec-0013-mremap.txt. |
| 7 |
|
| 8 |
Will there be a patch available in Portage? The 2.4.24 Vanilla sources |
| 9 |
are already clean and available at kernel.org but Portage is lacking |
| 10 |
them. |
| 11 |
|
| 12 |
Together with that do_brk() bug this is already the second major |
| 13 |
exploitable bug in the gentoo-sources. Will there be a gentoo-sources |
| 14 |
ebuild in Portage with the Gentoo tweaks for the 2.4.24 kernel or is it |
| 15 |
better to migrate to 2.6 immediately? |
| 16 |
|
| 17 |
At the moment I am a bit at a loss on how to tell whether a kernel from |
| 18 |
Portage, especially the gentoo-sources are patched against these kind of |
| 19 |
bugs. What's the best way to enjoy a high performance yet secure Gentoo |
| 20 |
Kernel, preferably a 2.4 series kernel? At the moment I am using the |
| 21 |
gento-sources from Portage: |
| 22 |
|
| 23 |
[ebuild R ] sys-kernel/gentoo-sources-2.4.22 |
| 24 |
|
| 25 |
regards, |
| 26 |
Tobias |
| 27 |
|
| 28 |
|
| 29 |
-- |
| 30 |
gentoo-security@g.o mailing list |
Archives