A Linux Kernel Exploit was posted to Full-Disclosure affecting the 2.6.x kernels.
The attached code exploits a root race in /proc. The exploit has been acknowledged and a patch is now available.
The exploit can be found at: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047913.html
A patch for this exploit can be found here: http://lkml.org/lkml/diff/2006/7/14/306/1
(written by _array on #gentoo-hardened)
Note: http://lkml.org/lkml/2006/7/15/5 says that <HAL-0.5.7 may have troubles
latest gentoo stable is hal-0.5.5.1-r3 (all arches)
CVE from http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-18.104.22.168
Please do *not* use the 22.214.171.124 or 126.96.36.199 fix; I'm attaching a better one which shouldn't break HAL & etc...
Created attachment 91781
Maintainers please bump your genpatches (2.6.16-15 or 2.6.17-4) or use the attached patch (don't use 188.8.131.52):
hardened-sources-2.6: johnm, hardened
xen-sources: chrb, agriffis
Workaround for those waiting for a release is to mount proc with options nosuid as suggested by padde in #gentoo-bugs
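To confirm the nosuid workaround is actually in effect, the mount table can be audited for procfs entries that lack the option. This is an added example, not part of the original bug thread; the function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a mounts table for procfs mounts lacking "nosuid".

# proc_missing_nosuid [FILE]
# Prints the mount point of every procfs entry in FILE (default /proc/mounts,
# "-" for stdin) whose option list has no "nosuid" token.
# Returns 0 when every procfs mount carries nosuid, 1 otherwise.
proc_missing_nosuid() {
    awk '
        $3 == "proc" {
            n = split($4, opts, ",")
            ok = 0
            # Compare whole tokens so a partial match never counts.
            for (i = 1; i <= n; i++) if (opts[i] == "nosuid") ok = 1
            if (!ok) { print $2; bad = 1 }
        }
        END { exit bad + 0 }
    ' "${1:-/proc/mounts}"
}

# Constructed sample in /proc/mounts format (not taken from a real host).
# It includes a second procfs instance inside a chroot, which is easy to miss.
sample_mounts() {
    cat <<'EOF'
proc /proc proc rw 0 0
sysfs /sys sysfs rw,nosuid,nodev,noexec 0 0
proc /var/chroot/proc proc rw,nosuid,nodev,noexec 0 0
/dev/sda1 / ext3 rw,errors=remount-ro 0 0
EOF
}

# Demo on the constructed sample. On a live system call the function with
# no argument, then fix each reported mount point as root with:
#   mount -o remount,nosuid <mountpoint>
# and add nosuid to the proc line in /etc/fstab so it survives a reboot.
sample_mounts | proc_missing_nosuid - ||
    echo "procfs mounted without nosuid at the mount point(s) listed above"
```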
gentoo-sources-2.6.16/2.6.17 -> done
suspend2-sources-2.6.16/2.6.17 -> done
openvz-sources-026.015 (2.6.16) -> done
ck-sources-2.6.16/2.6.17 -> done
hardened-sources-2.6.16-r11 bumped with genpatches 14
(In reply to comment #9)
I meant 15
*** Bug 140581 has been marked as a duplicate of this bug. ***
*** Bug 140797 has been marked as a duplicate of this bug. ***
(In reply to comment #4)
> Maintainers please bump your genpatches (2.6.16-15 or 2.6.17-4) or use the
> attached patch (don't use 184.108.40.206):
> ck-sources: marineam
> hardened-sources-2.6: johnm, hardened
> hppa-sources: GMSoft
> mips-sources: `Kumba
> rsbac-sources: kang
> sh-sources: sh
> suspend2-sources: brix
> usermode-sources: dang
> xbox-sources: chrb
> xen-sources: chrb, agriffis
220.127.116.11 fix these issues right? If so I have copied xen-sources-18.104.22.168 to xen-sources-22.214.171.124 and it WFM on my xen test box.
(In reply to comment #14)
> 126.96.36.199 fix these issues right? If so I have copied xen-sources-188.8.131.52 to
> xen-sources-184.108.40.206 and it WFM on my xen test box.
Yes, .26 fixes these issues correctly.
Fixed on hppa. First commit from my new place \o/
I've updated xen and xbox -sources to 220.127.116.11.
SH, RSBAC, this one too. Bump or patch.
rsbac-sources bumped to 2.6.18 in ~
As discussed in the past, SH no longer is kept track of by Gentoo Kernel Security. Closing bug.