[ILUG] kernel security hole
Darragh Bailey
felix at compsoc.nuigalway.ie
Fri Feb 15 12:31:07 GMT 2008
On Wed, Feb 13, 2008 at 08:39:47PM +0000, FRLinux wrote:
> On Feb 13, 2008 8:07 PM, oscar cassetti <oscar.getstring at gmail.com> wrote:
> > Is it not from 2.6.17. to 2.6.24.1?
>
> Yes, correct.
There appears to be some suggestion in the register that the
vulerable code appeared in 2.6.17, but only becomes a problem if you
have certain changes that were interduced by 2.6.23.
So maybe not all kernels from 2.6.17 to 2.6.23.16/2.6.24.2 are actually
vulerable, but any of the major distros that backported the changes from
2.6.23 will have made their kernels based on the earlier versions
vulerable.
So I'm getting the impression that some of the earlier with some of the
earlier kernels from 2.6.17 - 2.6.22 the exploit doesn't work as
intended and instead locks up the machine.
--
Darragh
"Nothing is foolproof to a sufficiently talented fool."
More information about the ILUG
mailing list