[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Confirm? New local root exploits



On Fri, Jan 07, 2005 at 05:43:29PM -0500, Will Backman wrote:
> Anyone tried the recently announced local root exploits against Fedora
> Core?  Do the stack protections and other stuff protect the Fedora
> Kernel?

Not in this case

> I've manage a university shell server with many many student accounts.
> Scared....

Its fixed in 2.6.10-ac6 along with the following
	-	DoS/oops in setsid (user triggerable)
	-	Coda unverified user data (only if using Coda)
	-	XFS unverified user data (only if using XFS)
	-	Bridge ioctl (only if using bridge and already net_admin)
	-	Rose ioctl (only if using rose and already net_admin)
	-	SDLA firmware ioctls (only if net_admin and using sdla)



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]