![](https://seccdn.libravatar.org/avatar/1c66afe04e1fed14ab28d48cd6f3bd39.jpg?s=120&d=mm&r=g)
Forward from Bugtraq
Is the updated Kernel 2.4.10-20011026 secure against this bug?
(Sorry, can't test it for myself at the moment, as my 7.3-box is in
production use and I need to avoid unnecessary downtimes)
---------- Forwarded message ----------
From: Juergen Pabel
![](https://seccdn.libravatar.org/avatar/edc47c145813667538fa627e7c053477.jpg?s=120&d=mm&r=g)
Forward from Bugtraq
Is the updated Kernel 2.4.10-20011026 secure against this bug?
(Sorry, can't test it for myself at the moment, as my 7.3-box is in production use and I need to avoid unnecessary downtimes)
Unfortunately not. Andrea Arcangeli's mail hasn't found its way through the bugtraq moderator's queue yet, but it should this night. We've been trying it out last night, and I crashed a few boxes throughout SuSE's internal network. Not very funny. Anyway, we're preparing an update kernel. Once again... Roman.
---------- Forwarded message ---------- From: Juergen Pabel
To: bugtraq@securityfocus.com Date: Wed, 21 Nov 2001 10:52:17 +0100 Subject: SuSE 7.3 : Kernel 2.4.10-4GB Bug Summary: Any local user can crash a SuSE 7.3 Kernel 2.4.10-4GB (I imagine this is a buffer overflow or pointer verification problem while in kernel mode)
Details: I updated my SuSE 7.2 installation to 7.3 and now I can reproducably crash the system as any local user (ie: non-root). Out of curiousity i started the file /usr/src/linux/vmlinux (basically: the file "vmlinux" in the base kernel source directory) which is the "pure" (for lack of a better word) kernel after a successful kernel compilation. Since this file is essentially an ELF executable it's possible to start it (whether or not it actually "runs" is a different story). On a correctly running kernel it should (and does) exit with SIGSEGV, while on a 2.4.10-4GB kernel it crashes the whole system (hard reset, instantly...kaputt). I have not tested this any further except to verify that this is actually a problem with the kernel and not some other kernel module i use (vmware, pcmcia, ...) or even hardware (tested with same result on a different machine)
I have also not notified the vendor yet because I haven't verified if the cause is a SuSE patch or if the problem resides within the original kernel code (I haven't even started looking for the source of the problem).
If you want to contact me do so via email "jpabel at akkaya dot de"
Juergen Pabel Akkaya Consulting GmbH www.akkaya.de
--
- -
| Roman Drahtmüller
![](https://seccdn.libravatar.org/avatar/ff44b60ac2fdef0213d12f3566770a12.jpg?s=120&d=mm&r=g)
I've tested this with a custom built 2.4.10 kernel. It seems to be a flaw in the kernel from kernel.org and not distribution dependend. I've read somewhere that this has to do with the ELF handles within the kernel. Linux 2.2.10 and 2.4.15pre2 seem not to be vulnerable. Maybe the bug is introduced in the 2.4 kernel and solved by accident. Are there other who have tested this bug on 2.4.x kernel and could they tell which versions they've found vulnerable ? tia greetings Rogier
![](https://seccdn.libravatar.org/avatar/9b47aaf4bef773b871ce89248addfe13.jpg?s=120&d=mm&r=g)
Hi, for your information following kernel seems not to be affected: 2.4.12 4GB (and 64GB but that should not matter) from "ftp://ftp.suse.com/pub/people/mantel/next/"some time ago. HTH mike On 23 Nov 2001, at 19:23, Rogier Boon wrote:
I've tested this with a custom built 2.4.10 kernel. It seems to be a flaw in the kernel from kernel.org and not distribution dependend.
I've read somewhere that this has to do with the ELF handles within the kernel. Linux 2.2.10 and 2.4.15pre2 seem not to be vulnerable. Maybe the bug is introduced in the 2.4 kernel and solved by accident.
Are there other who have tested this bug on 2.4.x kernel and could they tell which versions they've found vulnerable ?
tia
greetings Rogier
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
![](https://seccdn.libravatar.org/avatar/ff44b60ac2fdef0213d12f3566770a12.jpg?s=120&d=mm&r=g)
Seems that there is more to the 2.4 kernel than meets the eye. Should we be worried and switch back to 2.2.20 ? http://slashdot.org/articles/01/11/24/1711245.shtml greetings Rogier -- -- Gelul is altijd en overal -- *ook hier*
![](https://seccdn.libravatar.org/avatar/7ce72c46b6ab41ad3bb822a75c7ea410.jpg?s=120&d=mm&r=g)
Well, there has been a patched released. This bug effects 2.4.15 not .14 or below and I would assume .16pre1 is fine as well. :) * Rogier Boon (R.boon@soneramail.nl) [011124 18:12]: ->Seems that there is more to the 2.4 kernel than meets the eye. Should we ->be worried and switch back to 2.2.20 ? -> ->http://slashdot.org/articles/01/11/24/1711245.shtml -> ->greetings ->Rogier -> ->-- ->-- Gelul is altijd en overal ->-- *ook hier* -> ->-- ->To unsubscribe, e-mail: suse-security-unsubscribe@suse.com ->For additional commands, e-mail: suse-security-help@suse.com -> -----=====-----=====-----=====-----=====----- Ben Rosenberg mailto:ben@whack.org -----=====-----=====-----=====-----=====----- "Technological progress is like an axe in the hands of a pathological criminal" -AE
![](https://seccdn.libravatar.org/avatar/1fb4d7e568d0b307e9697027be6dd1ef.jpg?s=120&d=mm&r=g)
You are of course talking about a Kernel that is not SuSE Official correct?
I know there was a fix for the 2.410 and what you are pointing to was last
Thursday's 2.4.15 release, not anything that SuSE has released. The purpose
of releasing Official versions is to monitor the use out in the world and
when there is a reason to believe from this and internel tests that it is
stable you post it.
Regards,
Jon
----- Original Message -----
From: "Rogier Boon"
Seems that there is more to the 2.4 kernel than meets the eye. Should we be worried and switch back to 2.2.20 ?
http://slashdot.org/articles/01/11/24/1711245.shtml
greetings Rogier
-- -- Gelul is altijd en overal -- *ook hier*
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (6)
-
Ben Rosenberg
-
Jon
-
Rogier Boon
-
Roman Drahtmueller
-
Sven Koch
-
Thomas Michael Wanka