[Gloucs] Linux kernel vulnerability
Matthew Booth
mbooth at redhat.com
Mon Feb 11 10:47:12 GMT 2008
Iain Calder wrote:
> On 10/02/2008, Glyn Davies <glynd at walmore.com> wrote:
>> The LUGmaster list had a few posts concerning a local user vulnerability
>> in kernels since 2.6.17. This appears to have surfaced a few days ago.
>>
>> I don't have user friendly details but to quote from the posting, "it is
>> currently listed on http://isc.sans.org/newssummary.html as "Linux
>> Kernel 2.6.17 - 2.6.24.1 vmsplice Local Root Exploit"
>
>
>
> Thanks for posting this Glyn, I hadn't spotted it. If anyone is running
> Centos 5 (and presumably RHEL 5) I can confirm it is exploitable in the
> default setup.
>
You can follow the fun here:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-0600
Matt
--
Matthew Booth, RHCA, RHCSS
Red Hat, Global Professional Services
M: +44 (0)7977 267231
GPG ID: D33C3490
GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://mailman.lug.org.uk/pipermail/gloucs/attachments/20080211/f3108550/signature.bin
More information about the gloucs
mailing list