Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Gentoo: Security

Linux Kernel Local Root Exploit

 

 

Gentoo security RSS feed   Index | Next | Previous | View Threaded


tacvbo at tacvbo

Feb 11, 2008, 8:40 AM

Post #1 of 5 (1203 views)
Permalink
Linux Kernel Local Root Exploit

Any concert about the Linux Kernel Local Root Exploit as showed in the
Common Vulnerabilities and Exposure site with id's CVE-2008-0009,
CVE-2008-0010, CVE-2008-0600?

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600

gentoo-sources and vanilla-sources are affected among probably others.
--
gentoo-security [at] lists mailing list


dominik at d-paulus

Feb 11, 2008, 9:09 AM

Post #2 of 5 (1135 views)
Permalink
Re: Linux Kernel Local Root Exploit [In reply to]

Octavio Ruiz wrote:
> Any concert about the Linux Kernel Local Root Exploit as showed in the
> Common Vulnerabilities and Exposure site with id's CVE-2008-0009,
> CVE-2008-0010, CVE-2008-0600?
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
>
> gentoo-sources and vanilla-sources are affected among probably others.

See http://bugs.gentoo.org/show_bug.cgi?id=209460
--
gentoo-security [at] lists mailing list


mwspitzer at gmail

Feb 11, 2008, 9:19 AM

Post #3 of 5 (1144 views)
Permalink
Re: Linux Kernel Local Root Exploit [In reply to]

On Feb 11, 2008 10:09 AM, Dominik Paulus <dominik [at] d-paulus> wrote:

> Octavio Ruiz wrote:
> > Any concert about the Linux Kernel Local Root Exploit as showed in the
> > Common Vulnerabilities and Exposure site with id's CVE-2008-0009,
> > CVE-2008-0010, CVE-2008-0600?
> >
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
> >
> > gentoo-sources and vanilla-sources are affected among probably others.
>
> See http://bugs.gentoo.org/show_bug.cgi?id=209460
> --
> gentoo-security [at] lists mailing list
>
>
There's also a quick rundown here:
http://www.reactivated.net/weblog/archives/2008/02/critical-linux-kernel-vmsplice-security-issues/


chill550 at gmail

Feb 11, 2008, 9:29 AM

Post #4 of 5 (1137 views)
Permalink
Re: Linux Kernel Local Root Exploit [In reply to]

This doesnt bypass Trusted Path Execution does it?
If not, is it safe to say users in that special group can still be trusted?

On Feb 11, 2008 9:19 AM, Michael W Spitzer <mwspitzer [at] gmail> wrote:
>
> On Feb 11, 2008 10:09 AM, Dominik Paulus <dominik [at] d-paulus> wrote:
>
> >
> > Octavio Ruiz wrote:
> > > Any concert about the Linux Kernel Local Root Exploit as showed in the
> > > Common Vulnerabilities and Exposure site with id's CVE-2008-0009,
> > > CVE-2008-0010, CVE-2008-0600?
> > >
> > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009
> > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
> > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
> > >
> > > gentoo-sources and vanilla-sources are affected among probably others.
> >
> > See http://bugs.gentoo.org/show_bug.cgi?id=209460
> >
> >
> >
> > --
> > gentoo-security [at] lists mailing list
> >
> >
>
> There's also a quick rundown here:
> http://www.reactivated.net/weblog/archives/2008/02/critical-linux-kernel-vmsplice-security-issues/
>
--
gentoo-security [at] lists mailing list


tomhek at xs4all

Feb 11, 2008, 9:47 AM

Post #5 of 5 (1147 views)
Permalink
Re: Linux Kernel Local Root Exploit [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Does anybody know when gentoo-sources-2.6.23-r8 becomes available for
PPC (32bit)?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkewfBkACgkQStmJ9+mkUHMxrgCeIVQrR1S/toBc/eP+RDErVPyB
cFUAnA0jCrlFmB1OyJjUTxUvz8tV5Fog
=2Eb0
-----END PGP SIGNATURE-----
--
gentoo-security [at] lists mailing list

Gentoo security RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.