[dundee] Linux Kernel 'ac_ioctl()' Local Buffer Overflow Vulnerability
Sean McRobbie
lug at seany.us
Sun Dec 14 22:22:20 UTC 2008
Dammit! There goes uptimes....
Any idea how this affects OpenVZ & Xen containers?
Issues like this always have to come up just before exams don't they?
Regards,
Sean McRobbie
----- Original Message -----
From: "Arron Finnon" <afinnon at googlemail.com>
To: dundee at lists.lug.org.uk
Sent: Sunday, 14 December, 2008 22:00:33 GMT +00:00 GMT Britain, Ireland, Portugal
Subject: Re: [dundee] Linux Kernel 'ac_ioctl()' Local Buffer Overflow Vulnerability
Bit More info if anyone is interested
18. Linux Kernel 'ac_ioctl()' Local Buffer Overflow Vulnerability
BugTraq ID: 32759
Remote: No
Date Published: 2008-12-10
Relevant URL: http://www.securityfocus.com/bid/32759
Summary:
The Linux kernel is prone to a local buffer-overflow vulnerability
because it fails to perform adequate boundary checks on user-supplied
data.
Local attackers may be able to exploit this issue to crash the
affected kernel, denying service to legitimate users. Given the nature
of this issue, attackers may also be able to run arbitrary code, but
this has not been confirmed.
Versions prior to the Linux kernel 2.6.28-rc1 are vulnerable.
_______________________________________________
dundee GNU/Linux Users Group mailing list
dundee at lists.lug.org.uk http://dundee.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/dundee
Chat on IRC, #tlug on dundee.lug.org.uk
More information about the dundee
mailing list