[Gllug] Root exploit 2.2.0 to 2.4.10

Chris Ball chris at void.printf.net
Thu Oct 20 00:23:13 UTC 2011

On Fri, 2001-10-19 at 20:12, William Palfreman wrote:
> Just seen this on /.  I'm about to just testing it now to see if it is
> true.  If it is and you administer shell account boxes you could be
> in trouble.  Expect a very rapid release of 2.2.20!  

You didn't provide a link and it's not on the front page, so I'll
explain a little.

There's a kernel bug that can allow:

o A DOS attack through referencing an arbitrary number of symlinks
o A /local/ root exploit via an setuid app (in this example, a
  world-executable and setuid root /usr/bin/addgrp) and ptrace.

It affects all 2.2 kernels, and 2.4 kernels pre 2.4.10.  I'm upgrading a
few public-facing machines now.. *sigh*

Details at:


$a="printf.net"; Chris Ball | chris at void.$a | www.$a | finger: chris@$a
         "In the beginning there was nothing, which exploded."          

Gllug mailing list  -  Gllug at linux.co.uk

More information about the GLLUG mailing list