Mailinglist Archive: opensuse-security (670 mails)
| < Previous | Next > |
Re: [suse-security] SuSE 7.3 : Kernel 2.4.10-4GB Bug (fwd)
- From: Roman Drahtmueller <draht@xxxxxxx>
- Date: Fri, 23 Nov 2001 01:13:55 +0100 (MET)
- Message-id: <Pine.LNX.4.33.0111230112280.3270-100000@xxxxxxxxxxxx>
>
> Forward from Bugtraq
>
> Is the updated Kernel 2.4.10-20011026 secure against this bug?
>
> (Sorry, can't test it for myself at the moment, as my 7.3-box is in
> production use and I need to avoid unnecessary downtimes)
Unfortunately not. Andrea Arcangeli's mail hasn't found its way through
the bugtraq moderator's queue yet, but it should this night. We've been
trying it out last night, and I crashed a few boxes throughout SuSE's
internal network. Not very funny.
Anyway, we're preparing an update kernel. Once again...
Roman.
>
> ---------- Forwarded message ----------
> From: Juergen Pabel <spamtrap@xxxxxxxxxxxxxx>
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Date: Wed, 21 Nov 2001 10:52:17 +0100
> Subject: SuSE 7.3 : Kernel 2.4.10-4GB Bug
>
> Summary:
> Any local user can crash a SuSE 7.3 Kernel 2.4.10-4GB (I imagine this is a
> buffer overflow or pointer verification problem while in kernel mode)
>
> Details:
> I updated my SuSE 7.2 installation to 7.3 and now I can reproducably crash
> the system as any local user (ie: non-root). Out of curiousity i started the
> file /usr/src/linux/vmlinux (basically: the file "vmlinux" in the base kernel
> source directory) which is the "pure" (for lack of a better word) kernel
> after a successful kernel compilation. Since this file is essentially an ELF
> executable it's possible to start it (whether or not it actually "runs" is a
> different story). On a correctly running kernel it should (and does) exit
> with SIGSEGV, while on a 2.4.10-4GB kernel it crashes the whole system (hard
> reset, instantly...kaputt).
> I have not tested this any further except to verify that this is actually a
> problem with the kernel and not some other kernel module i use (vmware,
> pcmcia, ...) or even hardware (tested with same result on a different machine)
>
> I have also not notified the vendor yet because I haven't verified if the
> cause is a SuSE patch or if the problem resides within the original kernel
> code (I haven't even started looking for the source of the problem).
>
> If you want to contact me do so via email "jpabel at akkaya dot de"
>
> Juergen Pabel
> Akkaya Consulting GmbH
> www.akkaya.de
>
>
>
--
- -
| Roman Drahtmüller <draht@xxxxxxx> // "You don't need eyes to see, |
SuSE GmbH - Security Phone: // you need vision!"
| Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- -
> Forward from Bugtraq
>
> Is the updated Kernel 2.4.10-20011026 secure against this bug?
>
> (Sorry, can't test it for myself at the moment, as my 7.3-box is in
> production use and I need to avoid unnecessary downtimes)
Unfortunately not. Andrea Arcangeli's mail hasn't found its way through
the bugtraq moderator's queue yet, but it should this night. We've been
trying it out last night, and I crashed a few boxes throughout SuSE's
internal network. Not very funny.
Anyway, we're preparing an update kernel. Once again...
Roman.
>
> ---------- Forwarded message ----------
> From: Juergen Pabel <spamtrap@xxxxxxxxxxxxxx>
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Date: Wed, 21 Nov 2001 10:52:17 +0100
> Subject: SuSE 7.3 : Kernel 2.4.10-4GB Bug
>
> Summary:
> Any local user can crash a SuSE 7.3 Kernel 2.4.10-4GB (I imagine this is a
> buffer overflow or pointer verification problem while in kernel mode)
>
> Details:
> I updated my SuSE 7.2 installation to 7.3 and now I can reproducably crash
> the system as any local user (ie: non-root). Out of curiousity i started the
> file /usr/src/linux/vmlinux (basically: the file "vmlinux" in the base kernel
> source directory) which is the "pure" (for lack of a better word) kernel
> after a successful kernel compilation. Since this file is essentially an ELF
> executable it's possible to start it (whether or not it actually "runs" is a
> different story). On a correctly running kernel it should (and does) exit
> with SIGSEGV, while on a 2.4.10-4GB kernel it crashes the whole system (hard
> reset, instantly...kaputt).
> I have not tested this any further except to verify that this is actually a
> problem with the kernel and not some other kernel module i use (vmware,
> pcmcia, ...) or even hardware (tested with same result on a different machine)
>
> I have also not notified the vendor yet because I haven't verified if the
> cause is a SuSE patch or if the problem resides within the original kernel
> code (I haven't even started looking for the source of the problem).
>
> If you want to contact me do so via email "jpabel at akkaya dot de"
>
> Juergen Pabel
> Akkaya Consulting GmbH
> www.akkaya.de
>
>
>
--
- -
| Roman Drahtmüller <draht@xxxxxxx> // "You don't need eyes to see, |
SuSE GmbH - Security Phone: // you need vision!"
| Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- -
| < Previous | Next > |