Re: Potential security leak in Linux kernel + fix
- From: Unruh <unruh-spam@xxxxxxxxxxxxxx>
- Date: Wed, 11 Nov 2009 18:40:24 GMT
"David W. Hodgins" <dwhodgins@xxxxxxxxxxxxxxxxx> writes:
On Tue, 10 Nov 2009 06:06:32 -0500, Grant <g_r_a_n_t_@xxxxxxxxxxxxxxxxx> wrote:
On Tue, 10 Nov 2009 08:14:27 +0100, Aragorn <aragorn@xxxxxxxxxxxxxxxxxxx> wrote:
With thanks to Bit Twister, who brought this to our attention in
alt.os.linux.mandriva. Details in the article at the URL below.
http://www.itworld.com/security/83917/an-important-linux-fix
Was fixed long time ago, old news...
You're thinking of another bug, as I was, when I first read this.
See http://www.us-cert.gov/cas/bulletins/SB09-313.html
released 2009-11-04, it affects all kernels prior to 2.6.32-rc6.
Most distributions are not affected, as they set
/proc/sys/vm/mmap_min_addr to a value other then zero, but
currently up-to-date redhat and suse systems are affected.
So are mandriva systems.
Regards, Dave Hodgins
--.
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
- References:
- Potential security leak in Linux kernel + fix
- From: Aragorn
- Re: Potential security leak in Linux kernel + fix
- From: Grant
- Re: Potential security leak in Linux kernel + fix
- From: David W. Hodgins
- Potential security leak in Linux kernel + fix
- Prev by Date: Extracting random data from static, for /dev/random
- Next by Date: Re: Extracting random data from static, for /dev/random
- Previous by thread: Re: Potential security leak in Linux kernel + fix
- Next by thread: Extracting random data from static, for /dev/random
- Index(es):
Relevant Pages
|
