Kernel vulnerability
Dave Jones
davej at redhat.com
Fri Jul 14 22:12:04 UTC 2006
On Fri, Jul 14, 2006 at 01:33:22PM -0400, Matthew Miller wrote:
> On Fri, Jul 14, 2006 at 01:26:02PM -0400, Dave Jones wrote:
> > On Fri, Jul 14, 2006 at 11:23:19AM -0600, Art Edwards wrote:
> > > I'm running 2.6.17-1.2139_FC5. Is this vulnerable to the Linux Kernel PRCTL Core Dump Handling Privilege Escalation Vulnerability?
> > yes. There's a fixed kernel in updates-testing that I've now
> > requested be moved to updates-final today.
>
> Hi Dave. Mark Cox comments on LWN <http://lwn.net/Articles/191166/> that Red
> Hat's security team was aware of this issue on June 19th and had a working
> exploit a few days later, and that the embargo was lifted on July 6th. Any
> particular reason this didn't go out for Fedora on the 6th?
>
> Does someone need to get you faster computers, or some code monkeys, or
> something?
Mea Culpa. I was digging into making rawhide boot again and related
disasters, and not really paying as close attention as I should have been.
Dave
--
http://www.codemonkey.org.uk
More information about the devel
mailing list