Summary: | ia64 ptrace corner cases (Vendor-Sec) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
Component: | Kernel | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | CONFIDENTIAL | ||
Package list: | Runtime testing required: | --- |
Not affected on this - we don't use 2.4 on IA64 and 2.6.11 vanilla-sources and 2.6.12 gentoo-sources are stable which both aren't affected by this. Closing bug. |
> Please note that this patch: > > http://lia64.bkbits.net:8080/linux-ia64-release-2.6.11/cset@41f2d1eePludGYyb1yOmGaW6Iois8Q > > is a critical security fix which plugs a hole which allowed a local > user to crash a machine (confirmed) or perhaps gain root privileges > (unconfirmed). In other words, please make sure your favorite distro > doesn't miss out on this one... > > Unfortunately, security issues seem to come in clusters and there is > another one pending related to the kernel unwinder. I'll send a > pointer once there is a final patch.