[plug] do_brk() vuln with kernels < 2.4.23
James Devenish
devenish at guild.uwa.edu.au
Thu Dec 18 14:12:19 WST 2003
In message <1071726087.666.16.camel at syngery>
on Thu, Dec 18, 2003 at 01:41:28PM +0800, Chris Caston wrote:
> 2.4.18-5woody5
>
> Is this likely susceptible to do_brk() ?
What does the changelog.gz file say? For example, if it's like this,
I would infer that it is sufficiently patched:
/usr/share/doc/kernel-image-2.4.18*/changelog.gz:
* Build against kernel-source-2.4.18 version 2.4.18-14
to pick up security fixes.
(Sun, 30 Nov 2003 13:33:14 +0000)
(It's the latest version available, and also note the date.) This
can be cross-checked with source version 2.4.18-14's changelog:
/usr/share/doc/kernel-source-2.4.18/changelog.gz:
kernel-source-2.4.18 (2.4.18-14)
* Added TASK_SIZE check to do_brk in mm/mmap.c.
(Sat, 29 Nov 2003 10:06:19 +1100)
More information about the plug
mailing list