[arch-general] Kernel Rootexploit
Hi everybody, unfortunately today a new root exploit appeared. Look at: http://sota.gen.nz/compat2/ After some tests I can say: It works on Archlinux and Ubuntu, but not on debian. The "bugfix" found on http://seclists.org/fulldisclosure/2010/Sep/273 does not work on Arch and Ubuntu. The only current fix is to patch the kernel. allspark and me built new versions of the current Arch-kernel and the LTS-kernel. Kernel and PKGBUILD-tar can be found on: http://lorelei.h-ix.net/downloads/kernel26-2.6.35.4-1-x86_64.pkg.tar.gz http://lorelei.h-ix.net/downloads/kernel26-2.6.35.4-1.src.tar.gz http://lorelei.h-ix.net/downloads/kernel26-lts-2.6.32.21-2.src.tar.gz http://lorelei.h-ix.net/downloads/kernel26-lts-2.6.32.21-2-x86_64.pkg.tar.gz I will upload a new version of kernel26-vanilla to AUR later this day. Greetings Moritz <helios> Rudert
Am 17.09.2010 17:39, schrieb Moritz Rudert:
Hi everybody, unfortunately today a new root exploit appeared.
Look at: http://sota.gen.nz/compat2/
After some tests I can say: It works on Archlinux and Ubuntu, but not on debian.
The "bugfix" found on http://seclists.org/fulldisclosure/2010/Sep/273 does not work on Arch and Ubuntu.
There's actually two holes with two exploits. This workaround is for the 'compat1' exploit - which doesn't work on Arch, unlike compat2, which works. If I understand this right, the following three patches fix the problems: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdif... http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff&h=c41d68a513c71e35a14f66d71782d27a79a81ea6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdif... I am building a new 64 Bit kernel26 right now, but I don't know when I can push this to the repositories, hopefully some time tonight.
On 09/17/2010 05:48 PM, Thomas Bächler wrote:
Hi everybody, unfortunately today a new root exploit appeared.
Look at: http://sota.gen.nz/compat2/
After some tests I can say: It works on Archlinux and Ubuntu, but not on debian.
The "bugfix" found on http://seclists.org/fulldisclosure/2010/Sep/273 does not work on Arch and Ubuntu. There's actually two holes with two exploits. This workaround is for the 'compat1' exploit - which doesn't work on Arch, unlike compat2, which works. If I understand this right, the following three patches fix the
Am 17.09.2010 17:39, schrieb Moritz Rudert: problems:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdif... http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff&h=c41d68a513c71e35a14f66d71782d27a79a81ea6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdif...
I am building a new 64 Bit kernel26 right now, but I don't know when I can push this to the repositories, hopefully some time tonight.
Please also update kernel26-lts. Thanks Moritz <helios> Rudert
participants (2)
-
Moritz Rudert
-
Thomas Bächler