[ltp] Linux Kernel security flaw exposed
James McKenzie
linux-thinkpad@linux-thinkpad.org
Sat, 06 Dec 2003 14:28:17 -0700
Fix out for Red Hat and Fedora.
James McKenzie
j_f_clark wrote:
> Hi, All.
>
> I have been out galavanting for a week and had to spend a couple of
> hours catching up on my email today. It has been a rather strange
> experience of listening to three conversations at once. The Linux
> kernel flaw that was exploited on the Debian servers last week figured
> prominently in 2 of those conversations but was completely absent from
> the linux-thinkpad list. So I decided to introduce the issue.
>
> The main article can be found at
> <http://www.eweek.com/article2/0,4149,1400446,00.asp>
>
> This flaw exists in 2.4.22 and earlier kernels. In practical terms
> all of the current major distributions except (perhaps) Mandrake 9.2
> are vulnerable. Apparently Mandrake introduced a fix during its 9.2
> pre-release activities. See
> http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:110
>
>
>
> I also read that SuSE has posted a patch.
>
> Joe Clark
>
>