[plug] Time to patch again

Bernard Blackham bernard at blackham.com.au
Tue Jan 6 01:34:34 WST 2004


For those that don't slashdot or subscribe to security lists, all
kernels < 2.4.23 have a wonderfully obscure local root hole that's
recently been discovered (yes, practically a month after the last
one...).

2.4.24 is pretty much a security fix that patches this hole, another
hole, and 2 possible causes of oopses. Note that to exploit it, you
need a local account on the machine, or a way of executing arbitrary
code (such as by exploiting the recent hole in rsync). So if you're
running a machine that only you use, then you can probably wait
until distribution security fixes come out.

There don't seem to be any exploits out in the wild yet, and isec
descibes it as 'non-trivial' (generally means pretty involved), so
chances of being compromised in the next 24 hours are pretty slim ;)

Regards,

Bernard.

-- 
 Bernard Blackham <bernard at blackham dot com dot au>



More information about the plug mailing list