Re: [suse-security] Ptrace hole in linux kernels

19 Mar 2003

      FYI, new GRsecurity 1.9.9d solves this problem.

--
Ivan Gustin

----- Original Message -----
From: "Eduard Avetisyan" 
To: "Hubertus A. Haniel" ; 
Sent: srijeda, 19. ožujak 2003. 17:05
Subject: Re: [suse-security] Ptrace hole in linux kernels
...
Hi!
I was wondering on the same thing, and there's already another
posting before your's. I'm afraid SuSE guys are all busy in
CeBIT :)
Shouldn't expect an answer before tomorrow noon or weekend? :)
Eduard
--- "Hubertus A. Haniel"  wrote:
...
Are the SuSE distributions also affected by this?
-----Forwarded Message-----
From: Immo 'FaUl' Wehrenberg

To: vulnwatch@vulnwatch.org
Subject: [VulnWatch] Fwd: Ptrace hole / Linux 2.2.25
Date: 17 Mar 2003 17:30:40 +0100
From: Alan Cox 
Subject: Ptrace hole / Linux 2.2.25
To: linux-kernel@vger.kernel.org
X-Mailer: ELM [version 2.5 PL6]
Newsgroups: linux-kernel
Vulnerability: CAN-2003-0127
The Linux 2.2 and Linux 2.4 kernels have a flaw in ptrace.
This hole allows
local users to obtain full privileges. Remote exploitation of
this hole is
not possible. Linux 2.5 is not believed to be vulnerable.
Linux 2.2.25 has been released to correct Linux 2.2. It
contains no other
changes. The bug fixes that would have been in 2.2.5pre1 will
now appear in
2.2.26pre1. The patch will apply directly to most older 2.2
releases.