[rsbac] Linux: 2.4.24 Stable Kernel Released
Amon Ott
ao at rsbac.org
Mon Jan 5 16:59:49 CET 2004
On Montag, 5. Januar 2004 16:39, Michal Medvecky wrote:
> Summary of changes from v2.4.23 to v2.4.24-rc1
> ============================================
>
> <marcelo.tosatti:[blocked]>:
> o Andrea Arcangeli: malicious users of mremap() syscall can gain
> priviledges
>
>
> Just a quick question - is RSBAC vulnerable to that case?
Yes, same problem as with do_brk. However, so far there does not seem to be
any exploit code floating around, only claims. See http://lists.netsys.com/
pipermail/full-disclosure/2004-January/015198.html
The 2.4.24 patch for RSBAC 1.2.2 is out in /pre, so you can update.
Alternatively, use the patch for earlier kernels I posted.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list