[ltp] Linux Kernel security flaw exposed

j_f_clark linux-thinkpad@linux-thinkpad.org
Sat, 06 Dec 2003 13:37:02 -0500

Hi, All.

I have been out galavanting for a week and had to spend a couple of hours 
catching up on my email today.  It has been a rather strange experience of 
listening to three conversations at once.  The Linux kernel flaw that was 
exploited on the Debian servers last week figured prominently in 2 of those 
conversations but was completely absent from the linux-thinkpad list.  So I 
decided to introduce the issue.

The main article can be found at 

This flaw exists in 2.4.22 and earlier kernels.  In practical terms all of 
the current major distributions except (perhaps) Mandrake 9.2 are 
vulnerable.  Apparently Mandrake introduced a fix during its 9.2 
pre-release activities.  See 

I also read that SuSE has posted a patch.

Joe Clark