kernel do_mremap local privilege escalation vulnerability
http://isec.pl/vulnerabilities/isec-0013-mremap.txt Hi there! Did anybody knows if SuSE kernels are vulnerable to this one? And if it is, when will be the patch available? P.S. Sorry if I repeat the questions asked by others today
Hi, On Mon, Jan 05, 2004 at 07:18:37PM +0200, Radu Voicu wrote:
Did anybody knows if SuSE kernels are vulnerable to this one? And if it is, when will be the patch available?
The answers are "Yes" and "Now". Olaf -- Olaf Kirch | Stop wasting entropy - start using predictable okir@suse.de | tempfile names today! ---------------+
So, I suppose that the translation would be: "Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available" Am I assuming right? :)) ----- Original Message ----- From: "Olaf Kirch" <okir@suse.de> To: "Radu Voicu" <suse@ploiesti.rdsnet.ro> Cc: <suse-security@suse.com> Sent: Monday, January 05, 2004 8:21 PM Subject: Re: [suse-security] kernel do_mremap local privilege escalation vulnerability
Hi,
On Mon, Jan 05, 2004 at 07:18:37PM +0200, Radu Voicu wrote:
Did anybody knows if SuSE kernels are vulnerable to this one? And if it is, when will be the patch available?
The answers are "Yes" and "Now".
Olaf -- Olaf Kirch | Stop wasting entropy - start using predictable okir@suse.de | tempfile names today! ---------------+
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Olaf wrote "now" and not "no". So we should have a look at the ftp-servers... ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/ k_deflt-2.4.21-166.i586.rpm for example... ;-> But maybe one should wait for the mirror-run at night?! On Montag, 5. Januar 2004 19:34, Radu Voicu wrote:
So, I suppose that the translation would be:
"Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available"
Am I assuming right? :))
----- Original Message ----- From: "Olaf Kirch" <okir@suse.de> To: "Radu Voicu" <suse@ploiesti.rdsnet.ro> Cc: <suse-security@suse.com> Sent: Monday, January 05, 2004 8:21 PM Subject: Re: [suse-security] kernel do_mremap local privilege escalation vulnerability
Hi,
On Mon, Jan 05, 2004 at 07:18:37PM +0200, Radu Voicu wrote:
Did anybody knows if SuSE kernels are vulnerable to this one? And if it is, when will be the patch available?
The answers are "Yes" and "Now".
-- Eat, sleep and go running, David Huecking. Encrypted eMail welcome! GnuPG/ PGP-Key: 0x57809216. Fingerprint: 3DF2 CBE0 DFAA 4164 02C2 4E2A E005 8DF7 5780 9216
On Mon, Jan 05, 2004 at 08:34:22PM +0200, Radu Voicu wrote:
"Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available"
Am I assuming right? :))
No, the second answer is indeed "now". FTP servers should be in the process of syncing them from our staging server. Olaf -- Olaf Kirch | Stop wasting entropy - start using predictable okir@suse.de | tempfile names today! ---------------+
On Mon, Jan 05, 2004 at 07:48:03PM +0100, Olaf Kirch wrote:
On Mon, Jan 05, 2004 at 08:34:22PM +0200, Radu Voicu wrote:
"Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available"
Am I assuming right? :))
No, the second answer is indeed "now". FTP servers should be in the process of syncing them from our staging server.
There is something rather odd about this update. I have attempted several times to update the system automatically this evening via YOU, however despite: anthony@catfish:~> rpm -qf /boot/vmlinuz k_deflt-2.4.20-101 YOU repeatedly attempts to download and install k_athlon. Obviously, since this is not what I want (the system is a Pentium III 550Mhz), I have aborted this update before completion in each case. Does anyone know what is causing this, and what the fix might be (obviously I could download the k_deflt package and install it manually, but prefer to use YOU wherever possible)? TIA. -- Anthony Edwards anthony.edwards@uk.easynet.ne
On Mon, Jan 05, 2004 at 10:18:44PM +0000, Anthony Edwards wrote:
On Mon, Jan 05, 2004 at 07:48:03PM +0100, Olaf Kirch wrote:
On Mon, Jan 05, 2004 at 08:34:22PM +0200, Radu Voicu wrote:
"Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available"
Am I assuming right? :))
No, the second answer is indeed "now". FTP servers should be in the process of syncing them from our staging server.
There is something rather odd about this update. I have attempted several times to update the system automatically this evening via YOU, however despite:
anthony@catfish:~> rpm -qf /boot/vmlinuz k_deflt-2.4.20-101
YOU repeatedly attempts to download and install k_athlon. Obviously, since this is not what I want (the system is a Pentium III 550Mhz), I have aborted this update before completion in each case.
Does anyone know what is causing this, and what the fix might be (obviously I could download the k_deflt package and install it manually, but prefer to use YOU wherever possible)?
I should add, perhaps, that I am running SuSE 8.2. -- Anthony Edwards * anthony.edwards@uk.easynet.net Abuse Team Manager * Easynet UK Abuse Team Easynet Ltd * DDI: 0161 227 0707 http://www.uk.easynet.net * Fax: 0845 333 4503
Anthony Edwards wrote:
On Mon, Jan 05, 2004 at 07:48:03PM +0100, Olaf Kirch wrote:
On Mon, Jan 05, 2004 at 08:34:22PM +0200, Radu Voicu wrote:
"Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available"
Am I assuming right? :))
No, the second answer is indeed "now". FTP servers should be in the process of syncing them from our staging server.
There is something rather odd about this update. I have attempted several times to update the system automatically this evening via YOU, however despite:
anthony@catfish:~> rpm -qf /boot/vmlinuz k_deflt-2.4.20-101
YOU repeatedly attempts to download and install k_athlon. Obviously, since this is not what I want (the system is a Pentium III 550Mhz), I have aborted this update before completion in each case.
I think if you check the details it is downloaded i386 but the short description in YOU looks like athlon. ? Regards, Dave.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 El Lunes, 5 de Enero de 2004 23:57, Dave Lists escribió:
YOU repeatedly attempts to download and install k_athlon. Obviously, since this is not what I want (the system is a Pentium III 550Mhz), I have aborted this update before completion in each case.
I think if you check the details it is downloaded i386 but the short description in YOU looks like athlon. ?
Yes. The short description *is not correct* but the kernel downloaded and installed is correct. My system is a Pentium III 500MHz and the kernel updated with YOU is: rpm -qf /boot/vmlinuz k_deflt-2.4.20-102 :) - -- Best regards, Un cordial saludo, __|__ Delta99 *---o--(_)--o---* Linux Registered User: #324150 - ----- Frase del día -------------------------------------------------- Hay vida inteligente en otro planeta? Y en este? - ---------------------------------------------------------------------- . -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) iD8DBQE/+fD7iN31Vkq1cN0RAp8wAJ9GQmhpezQe5SmHujXM/pfHv4ATBgCfUAvC +c9Lf6z/f6QeW9DUrHT8WVg= =/KcO -----END PGP SIGNATURE-----
On Tue, Jan 06, 2004 at 12:19:15AM +0100, Delta99 wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
El Lunes, 5 de Enero de 2004 23:57, Dave Lists escribi?:
YOU repeatedly attempts to download and install k_athlon. Obviously, since this is not what I want (the system is a Pentium III 550Mhz), I have aborted this update before completion in each case.
I think if you check the details it is downloaded i386 but the short description in YOU looks like athlon. ?
Yes. The short description *is not correct* but the kernel downloaded and installed is correct. My system is a Pentium III 500MHz and the kernel updated with YOU is:
rpm -qf /boot/vmlinuz
k_deflt-2.4.20-102
:)
Many thanks for your response, and thanks also to others who replied. Update now completed: anthony@catfish:~> rpm -qf /boot/vmlinuz k_deflt-2.4.20-102 -- Anthony Edwards anthony.edwards@uk.easynet.net
I think if you check the details it is downloaded i386 but the short description in YOU looks like athlon. ?
I got that as well (8.2, PIII 450, Athlon-message) ... :-( So I was a littlebit scared. Since YOU uses patch-rpm's it would be a nice disaster if it patches PIII with incomplete Athlon kernel. YOU logs show correct version of Kernel. Please don't let anybody get a heart attack and fix that message! Philippe
Philippe Vogel wrote:
Since YOU uses patch-rpm's it would be a nice disaster if it patches PIII with incomplete Athlon kernel.
I believe there are no patch RPMs for kernel updates, just entire kernel packages.
-----Original Message----- From: Anthony Edwards <anthony.edwards@uk.easynet.net> To: Olaf Kirch <okir@suse.de> Cc: suse-security@suse.com, Anthony Edwards <anthony.edwards@uk.easynet.net> Date: Mon, 5 Jan 2004 22:18:44 +0000 Subject: Re: [suse-security] kernel do_mremap local privilege escalation vulnerability
On Mon, Jan 05, 2004 at 07:48:03PM +0100, Olaf Kirch wrote:
On Mon, Jan 05, 2004 at 08:34:22PM +0200, Radu Voicu wrote:
"Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available"
Am I assuming right? :))
No, the second answer is indeed "now". FTP servers should be in the process of syncing them from our staging server.
There is something rather odd about this update. I have attempted several times to update the system automatically this evening via YOU, however despite:
anthony@catfish:~> rpm -qf /boot/vmlinuz k_deflt-2.4.20-101
YOU repeatedly attempts to download and install k_athlon. Obviously, since this is not what I want (the system is a Pentium III 550Mhz), I have aborted this update before completion in each case.
If you look at the actual file that it is downloading you will see that it is the one that pertains to your currently running kernel. I knew the packager screwed up by putting a name with the description. Why not just call it kernel update instead of k_athlon update! Ken
Yes, that worried me too, as YOU was running. However it actually installed k_deflt which is fine for my AMD K6-500 system. I am runnung SuSE Linux 8.2. Rebooted OK also. I presumed the comments about a YOU update not being available ONLY related to 8.1. Philip ----- Original Message ----- From: "Anthony Edwards" <anthony.edwards@uk.easynet.net> To: "Olaf Kirch" <okir@suse.de> Cc: <suse-security@suse.com>; "Anthony Edwards" <anthony.edwards@uk.easynet.net> Sent: Monday, January 05, 2004 10:18 PM Subject: Re: [suse-security] kernel do_mremap local privilege escalation vulnerability
On Mon, Jan 05, 2004 at 07:48:03PM +0100, Olaf Kirch wrote:
On Mon, Jan 05, 2004 at 08:34:22PM +0200, Radu Voicu wrote:
"Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available"
Am I assuming right? :))
No, the second answer is indeed "now". FTP servers should be in the process of syncing them from our staging server.
There is something rather odd about this update. I have attempted several times to update the system automatically this evening via YOU, however despite:
anthony@catfish:~> rpm -qf /boot/vmlinuz k_deflt-2.4.20-101
YOU repeatedly attempts to download and install k_athlon. Obviously, since this is not what I want (the system is a Pentium III 550Mhz), I have aborted this update before completion in each case.
Does anyone know what is causing this, and what the fix might be (obviously I could download the k_deflt package and install it manually, but prefer to use YOU wherever possible)?
TIA.
-- Anthony Edwards anthony.edwards@uk.easynet.ne
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Hi all, On Mon, Jan 05, 2004 at 10:18:44PM +0000, Anthony Edwards wrote:
YOU repeatedly attempts to download and install k_athlon. Obviously, since this is not what I want (the system is a Pentium III 550Mhz), I have aborted this update before completion in each case.
There's a glitch in the patch files; the description is simply wrong. YOU will nevertheless download and install the correct kernel package. Olaf -- Olaf Kirch | Stop wasting entropy - start using predictable okir@suse.de | tempfile names today! ---------------+
On Tue, Jan 06, 2004 at 11:08:57AM +0100, Olaf Kirch wrote:
There's a glitch in the patch files; the description is simply wrong. YOU will nevertheless download and install the correct kernel package.
As indeed it did. Many thanks for the follow up. -- Anthony Edwards anthony.edwards@uk.easynet.net
On Mon, Jan 05, 2004 at 08:34:22PM +0200, Radu Voicu wrote:
So, I suppose that the translation would be:
"Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available"
Am I assuming right? :))
No, you should learn to read: "Now" just means "now" and does not mean "don't know". These are different words with a totally different meanings. Robert -- Robert Schiele Tel.: +49-621-181-2517 Dipl.-Wirtsch.informatiker mailto:rschiele@uni-mannheim.de
On Monday 05 January 2004 07:34 pm, Radu Voicu wrote:
So, I suppose that the translation would be:
"Yes, SuSE kernels are vulnerable to this one" "No, we don't know when the patch will be available"
Am I assuming right? :))
Which part of "now" do you have problems to understand with? I am currently in the process of downloading a patched kernel via YOU. Kristian -- http://www.amazon.de/exec/obidos/wishlist/18E5SVQ5HJZXG
participants (12)
-
Anthony Edwards -
Avtar Gill -
Dave Lists -
David Huecking -
Delta99 -
Ken Schneider -
Kristian Köhntopp -
Olaf Kirch -
Philip B Cook -
Philippe Vogel -
Radu Voicu -
Robert Schiele