Linux kernel security hole

Edward Glowacki glowack2@msu.edu
Thu, 8 Jun 2000 10:41:25 -0400 (EDT)


Got this from another mailing list this morning, but it also appeared on
Slashdot.  If you're running the 2.2 series kernel, you may want to
upgrade...  If you've never recompiled your kernel, maybe now is a good
time to learn!  (hey, that could be a LUG meeting topic!! ;) )

Ed


http://sendmail.net/?feed=000607linuxbug

   A serious bug has been discovered in the Linux kernel that can be used
   by local users to gain root access. The problem, a vulnerability in
   the Linux kernel capability model, exists in kernel versions up to and
   including version 2.2.15. According to Alan Cox, a key member of the
   Linux developer community, "It will affect programs that drop setuid
   state and rely on losing saved setuid, even those that check that the
   setuid call succeeded."
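
Added example, not part of the original post or the quoted article: since the quote says that checking the setuid() return value is not enough, a setuid-root program can confirm the drop by reading back its real, effective and saved uid and by checking that root cannot be regained. The function names are hypothetical and the code assumes Linux with glibc; it is a general hardening pattern, not the kernel fix.

```c
#define _GNU_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* glibc exposes getresuid() only under _GNU_SOURCE; the prototype is
 * repeated so the file still builds if another header came first. */
int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);

/* 1 only when real, effective AND saved uid all equal the target. */
int ids_fully_dropped(uid_t r, uid_t e, uid_t s, uid_t target) {
    return r == target && e == target && s == target;
}

/* Inspect the process after a drop: 0 = dropped for good, -1 = not.
 * On -1 the caller should abort rather than continue running. */
int verify_dropped(uid_t target) {
    uid_t r, e, s;
    if (getresuid(&r, &e, &s) != 0) return -1;
    if (!ids_fully_dropped(r, e, s, target)) return -1;
    /* Regaining root must fail; success means the drop was reversible. */
    if (target != 0 && (setuid(0) == 0 || seteuid(0) == 0)) return -1;
    return 0;
}

/* Permanent drop for a setuid-root program: groups first, uid last. */
int drop_privileges(uid_t uid, gid_t gid) {
    if (setgroups(1, &gid) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;  /* success here is not proof */
    return verify_dropped(uid);       /* the resulting ids are */
}

int main(void) {
    /* Stand-alone run only inspects the current ids; a real program
     * calls drop_privileges() before touching untrusted input. */
    int rc = verify_dropped(getuid());
    printf("uid %ld: %s\n", (long)getuid(),
           rc == 0 ? "real/effective/saved uid all match"
                   : "ids differ or root can be regained");
    return rc == 0 ? 0 : 1;
}
```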