[ltp] Linux Kernel security flaw exposed
Sat, 06 Dec 2003 13:37:02 -0500
I have been out galavanting for a week and had to spend a couple of hours
catching up on my email today. It has been a rather strange experience of
listening to three conversations at once. The Linux kernel flaw that was
exploited on the Debian servers last week figured prominently in 2 of those
conversations but was completely absent from the linux-thinkpad list. So I
decided to introduce the issue.
The main article can be found at
This flaw exists in 2.4.22 and earlier kernels. In practical terms all of
the current major distributions except (perhaps) Mandrake 9.2 are
vulnerable. Apparently Mandrake introduced a fix during its 9.2
pre-release activities. See
I also read that SuSE has posted a patch.