Confirm? New local root exploits

Szabó Ákos fonya at fatav.hu
Fri Jan 7 23:16:00 UTC 2005


On Fri, 2005-01-07 at 17:52 -0500, Alan Cox wrote:

> It's fixed in 2.6.10-ac6 along with the following
> 	-	DoS/oops in setsid (user triggerable)
> 	-	Coda unverified user data (only if using Coda)
> 	-	XFS unverified user data (only if using XFS)
> 	-	Bridge ioctl (only if using bridge and already net_admin)
> 	-	Rose ioctl (only if using rose and already net_admin)
> 	-	SDLA firmware ioctls (only if net_admin and using sdla)


Brad Spengler sent a mail to the grsecurity list, and he wrote:

3) 2.4/2.6 random poolsize sysctl handler integer overflow
4) 2.6 scsi ioctl integer overflow and information leak
5) 2.2/2.4/2.6 moxa serial driver bss overflow
6) 2.4/2.6 RLIMIT_MEMLOCK bypass and (2.6) unprivileged user DoS
7) Attachments, including patches for all vulns, a POC for #3, and a
   working exploit for #6

He talks about 2.4.28 and 2.6.10. If you want, I can forward the whole
message.

Did the -ac6 patch fix those problems?

-- 
Fonya

     Since I installed NT on my vacuum cleaner, it doesn't suck at all.
                PGP key ID F86614E5, GPG key ID 83AD9365




