[rsbac] Bugfixing the kernel uselib vulnerability

Amon Ott ao at rsbac.org
Mon Jan 10 17:01:52 CET 2005

Several new vulnerabilities have been found for kernel 2.4.28, the 
most important one got known as uselib bug.

The more or less official bugfix, which also made its way into 
2.4.29-rc1, does not apply cleanly to an RSBAC patched kernel. The 
attached patch is a modified version, which does apply without 
rejects. The fix should be correct, but please recheck yourself.

Please note that there have also been several vulnerabilities found in 
kernel 2.6.10 (as in almost any kernel in the 2.6 series so far). I 
strongly recommend to at least follow the -ac patches by Alan Cox, if 
you happen to use 2.6 kernels for production use.

The pre-patched RSBAC kernels do not contain third party fixes, it is 
impossible to maintain all these patches here!

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde geschreddert...
Dateiname   : rsbac-uselib.diff
Dateityp    : text/x-diff
Dateigröße  : 8366 bytes
Beschreibung: nicht verfügbar
URL         : http://www.rsbac.org/pipermail/rsbac/attachments/20050110/9d3ab52b/rsbac-uselib.bin
-------------- nächster Teil --------------
Version: GnuPG v1.2.4 (GNU/Linux)


More information about the rsbac mailing list