In the security alert I recived yesterday from Mandrake Security -snip- Package name: kernel Advisory ID: MDKSA-2003:110 Date: December 1st, 2003 Affected versions: 9.0, 9.1, Corporate Server 2.1, Multi Network Firewall 8.2 ______________________________________________________________________ Problem Description: A vulnerability was discovered in the Linux kernel versions 2.4.22 and previous. A flaw in bounds checking in the do_brk() function can allow a local attacker to gain root privileges. This vulnerability is known to be exploitable; an exploit is in the wild at this time. The Mandrake Linux 9.2 kernels are not vulnerable to this problem as the fix for it is already present in those kernels. MandrakeSoft encourages all users to upgrade their systems immediately. -snip- Robert Brockway wrote:
On Tue, 2 Dec 2003, JoeHill wrote:
What confuses me, is that my default install of MDK 9.2 shows kernel version:
2.4.22-10
But MDK says 9.2 is safe.
Can someone clarify this for me?
It is very common for distributions to patch their own kernels seperately to the main tree. This way they ensure minimalist changes to their kernel and also keep whatever customisation or optimisations they have previously incorporated.
So when upgrading to avoid an exploit like this, either go for a vanilla kernel which is known to be fixed (2.4.23 in this case) _or_ whatever version your distro maintainers advise is safe.
Rob
-- " Eventually people tire of repairing broken Windows, And decide to replace them with something stronger" (o_ //\ Linux - The Choice Of A GNU Generation V_/_ Jason Shein Linux Registered User #281100 jason-gaRZxGPHtpBxZtjKW1aY+1aTQe2KTcn/@public.gmane.org -- The Toronto Linux Users Group. Meetings: http://tlug.ss.org TLUG requests: Linux topics, No HTML, wrap text below 80 columns How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml