Threat Level: green Handler on Duty: Manuel Humberto Santander Pelaez

SANS ISC: Linux Kernel Vulnerability ... 2.6.24.1 and prior SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Linux Kernel Vulnerability ... 2.6.24.1 and prior

From the “batten the hatches department” (borrowed from slashdot), it seems like we have been doing a lot of battening lately and will do even more in the next…um, week or so?  Here is one for the Linux people on pre-patch Tuesday, oh my…

One of our readers, Chris, said, “http://it.slashdot.org/it/08/02/10/2011257.shtml apparently affecting RHEL5 and OpenSuSE 10.3 amongst other popular distributions, could be rather bad news.”

Gordon sent us this quote from Slashdot:  "This local root exploit (Debian, Ubuntu) seems to work everywhere I try it, as long as it's a Linux kernel version 2.6.17 to 2.6.24.1. If you don't trust your users (which you shouldn't), better compile a new kernel without vmsplice."

Here is the Security Focus Data: 

http://www.securityfocus.com/bid/27704/discuss

http://www.securityfocus.com/bid/27704/solution

So get busy people… we will keep you updated!  Send any comments here.

 

 

 

Mari Nichols

76 Posts

Sign Up for Free or Log In to start participating in the conversation!