![](https://seccdn.libravatar.org/avatar/edc47c145813667538fa627e7c053477.jpg?s=120&d=mm&r=g)
Forward from Bugtraq
Is the updated Kernel 2.4.10-20011026 secure against this bug?
(Sorry, can't test it for myself at the moment, as my 7.3-box is in production use and I need to avoid unnecessary downtimes)
Unfortunately not. Andrea Arcangeli's mail hasn't found its way through the bugtraq moderator's queue yet, but it should this night. We've been trying it out last night, and I crashed a few boxes throughout SuSE's internal network. Not very funny. Anyway, we're preparing an update kernel. Once again... Roman.
---------- Forwarded message ---------- From: Juergen Pabel
To: bugtraq@securityfocus.com Date: Wed, 21 Nov 2001 10:52:17 +0100 Subject: SuSE 7.3 : Kernel 2.4.10-4GB Bug Summary: Any local user can crash a SuSE 7.3 Kernel 2.4.10-4GB (I imagine this is a buffer overflow or pointer verification problem while in kernel mode)
Details: I updated my SuSE 7.2 installation to 7.3 and now I can reproducably crash the system as any local user (ie: non-root). Out of curiousity i started the file /usr/src/linux/vmlinux (basically: the file "vmlinux" in the base kernel source directory) which is the "pure" (for lack of a better word) kernel after a successful kernel compilation. Since this file is essentially an ELF executable it's possible to start it (whether or not it actually "runs" is a different story). On a correctly running kernel it should (and does) exit with SIGSEGV, while on a 2.4.10-4GB kernel it crashes the whole system (hard reset, instantly...kaputt). I have not tested this any further except to verify that this is actually a problem with the kernel and not some other kernel module i use (vmware, pcmcia, ...) or even hardware (tested with same result on a different machine)
I have also not notified the vendor yet because I haven't verified if the cause is a SuSE patch or if the problem resides within the original kernel code (I haven't even started looking for the source of the problem).
If you want to contact me do so via email "jpabel at akkaya dot de"
Juergen Pabel Akkaya Consulting GmbH www.akkaya.de
--
- -
| Roman Drahtmüller