[rsbac] Bugfixing the kernel uselib vulnerability
Amon Ott
ao at rsbac.org
Mon Jan 10 17:01:52 CET 2005
Several new vulnerabilities have been found for kernel 2.4.28, the
most important one got known as uselib bug.
The more or less official bugfix, which also made its way into
2.4.29-rc1, does not apply cleanly to an RSBAC patched kernel. The
attached patch is a modified version, which does apply without
rejects. The fix should be correct, but please recheck yourself.
Please note that there have also been several vulnerabilities found in
kernel 2.6.10 (as in almost any kernel in the 2.6 series so far). I
strongly recommend to at least follow the -ac patches by Alan Cox, if
you happen to use 2.6 kernels for production use.
The pre-patched RSBAC kernels do not contain third party fixes, it is
impossible to maintain all these patches here!
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde geschreddert...
Dateiname : rsbac-uselib.diff
Dateityp : text/x-diff
Dateigröße : 8366 bytes
Beschreibung: nicht verfügbar
URL : http://www.rsbac.org/pipermail/rsbac/attachments/20050110/9d3ab52b/rsbac-uselib.bin
-------------- nächster Teil --------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQBB4qV6q9yn6h5RTo8RAjbvAJsF6HakNQ+A3b4aZ7YYl2yp1jjhhwCcCZsc
Os+PiudcjredsokvLt0RE3Q=
=bAVe
-----END PGP SIGNATURE-----
More information about the rsbac
mailing list