[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Fedora Legacy Test Update Notification: Kernel

From: Dave Jones <davej redhat com>
To: fedora-legacy-list redhat com
Subject: Re: Fedora Legacy Test Update Notification: Kernel
Date: Sat, 21 Feb 2004 18:44:26 +0000

On Sat, Feb 21, 2004 at 12:55:06PM -0500, Charles R. Anderson wrote:

 > > Paul Starzetz discovered a flaw in return value checking in mremap()
 > > in the Linux kernel versions 2.4.24 and previous that may allow a local
 > > attacker to gain root privileges. No exploit is currently available; 
 > > ...
 > 
 > There is an Proof-of-concept exploit available:
 > 
 > http://www.derkeiler.com/Mailing-Lists/Securiteam/2004-02/0052.html

that's "crash the box" exploit as opposed to "get local root", which
is what the 'no exploit' refers to in the original Red Hat advisory.

		Dave

References:
- Fedora Legacy Test Update Notification: Kernel
  - From: Jesse Keating
- Re: Fedora Legacy Test Update Notification: Kernel
  - From: Charles R. Anderson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]