On Wed, Feb 5, 2014 at 12:11 PM, Jason
On Wednesday, February 05, 2014 10:55:19 Marcus Meissner wrote:
On Wed, Feb 05, 2014 at 10:51:37AM +0100, Stefan Hoese wrote:
Hello,
did I miss something or is this [1][2] still unpatched in openSUSE 12.3 and 13.1 kernels?
After:
zypper in linux-sources
and:
grep -r -e "if (get_compat_timespec(&ktspec, timeout))" /usr/src/*
there was the expected output for the _unpatched_ kernel.
Much worse, the "CONFIG_X86_X32=y" (for openSUSE 13.1) and "CONFIG_X86_32=y" (for openSUSE 12.3) seem to be available in *every* kernel configuration. Is there a chance to use any kernel parameters for deactivating this problem? I didn't find any solution.
Manually patching the kernel is no option for me. In the case of patching myself and the assumption that it will not be fixed in the repositories I will probably end up repairing this after every kernel update.
The kernel updates for 12.3 and 13.1 are in the update-test repos and will be released hopefully this week after some smoketesting.
You can check them out already at http://download.opensuse.org/update/12.3-test/ or http://download.opensuse.org/update/13.1-test/
Our bugzilla for this is https://bugzilla.novell.com/show_bug.cgi?id=860993
Ciao, Marcus
My unsolicited two cents:
Was following this specific vuln on the net and I have to say, the release of patched kernels for 12.3/13.1 so late isn't acceptable. Not to delve into what you'd need to do to actually _get_ root maliciously, but to point out that _every_ major distro out there had it patched in a matter of a day or two.
Two days ago a POC was released too: https://github.com/saelo/cve-2014-0038 yet for a few-line patch, kernels lie in testing.
This is not a POC, it is a fully working local root exploit. But what hurts most is that CONFIG_X86_X32 is enabled in openSUSE kernels without any reason.
--
Thanks, //richard
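
The two checks from the first message of the thread (the x32 config option and the grep for the unpatched source line) combined into one report, as an added example that is not part of any post. The function names, the `/boot/config-$(uname -r)` path and the sample tree built in `demo` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report the two facts checked above.
# The source line the thread greps for; fixed string, taken from the post.
UNPATCHED_LINE='if (get_compat_timespec(&ktspec, timeout))'

# x32_enabled CONFIG_FILE: succeeds when the config builds the x32 ABI in.
# A "# CONFIG_X86_X32 is not set" line does not match.
x32_enabled() {
    grep -q '^CONFIG_X86_X32=y$' "$1"
}

# source_unpatched SRC_DIR: succeeds when any file still has the line.
source_unpatched() {
    grep -rqF -- "$UNPATCHED_LINE" "$1"
}

# assess CONFIG_FILE SRC_DIR: print both findings on one line.
assess() {
    x32=no; line=absent
    if x32_enabled "$1"; then x32=yes; fi
    if source_unpatched "$2"; then line=present; fi
    echo "x32=$x32 unpatched_line=$line"
}

# demo: run assess on a constructed config and source tree (sample data).
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/src/net"
    printf '%s\n' 'CONFIG_X86_64=y' 'CONFIG_X86_X32=y' > "$tmp/config"
    printf '\t%s\n\t\treturn -EFAULT;\n' "$UNPATCHED_LINE" > "$tmp/src/net/compat.c"
    assess "$tmp/config" "$tmp/src"
    rm -rf "$tmp"
}

# Usage: sh check.sh /boot/config-$(uname -r) /usr/src   (paths are assumptions)
if [ "$#" -eq 2 ]; then assess "$1" "$2"; else demo; fi
```

The source check only says whether the installed sources still contain that line; it says nothing about the kernel that is actually booted, so re-run it after the update and a reboot.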