Bug 2846 – current kernels have a security flaw allowing to gain root

Bug 2846 - current kernels have a security flaw allowing to gain root

Summary:

current kernels have a security flaw allowing to gain root

Status:	CLOSED FIXED

Product:	Security
Classification:	Unclassified
Component:	General / Other Security Issue
Version:	unspecified
Platform:	All other

Importance:	P3 major
Assigned To:	SM Security List

URL:	http://www.uwsg.iu.edu/hypermail/linu...

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2003-03-18 06:44 UTC by unet
Modified:	2003-10-19 23:11 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description unet 2003-03-18 06:44:53 UTC

see above URL for description and Alan Cox's patch

Comment 1 Vladimir Vydra 2003-03-21 02:25:33 UTC

There is another solution if u use 2.4.20 kernel : patch the kernel with
grsecurity-1.9.9e-2.4.20.patch. It has A. Cox patch included and also when u
enable radomizen PIDs and stack/nmap feature - it's almost impossible for this
king of exploit to work (even if u dond have A. Cox patch)

Comment 2 erics 2003-06-02 03:19:37 UTC

Closing out this as we are past the patch version in the linux spell. At least 
grsecruity is at 1.9.9g 
 
Eric

Comment 3 Seth Woolley 2003-06-02 04:31:11 UTC

not only that, but that's what I thought the ptrace patch was for in the kernel
spell -- I guess I forgot to close this. :)

Comment 4 games 2003-10-19 21:58:05 UTC

I am guessing all of these could really be closed ?

Comment 5 games 2003-10-19 23:11:10 UTC

if any of these still have issues outstanding then they can be reopened, but
most  have just been overlooked/forgotten
("these" refers to the 611 fixed but not closed bugs I just found in our database)