[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

kernel update highly recommended



Hi folks,

I'd highly recommend if you're running 2.6.31 or 2.6.32, that you update
to the latest kernel in the koji builds here:

http://koji.fedoraproject.org/koji/taskinfo?taskID=1864871
http://koji.fedoraproject.org/koji/taskinfo?taskID=1864876

They fix a rather severe security problem with ext4 caused by
insufficient permission checking by the ext4 ioctl code, allowing a
malicious local user to corrupt files. Note, the ioctl isn't currently
used by userspace, so if you build your own kernels, you can just nuke
the entire EXT4_IOC_MOVE_EXT ioctl case.

NOTE: This is only a problem if you're using EXT4, if you aren't, you're
safe.

I'll get these pushed out to stable asap, but I wanted to let folks know
just in case rawhide doesn't compose before the downtime.

regards, Kyle M.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]