Sponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||
|
| |||||||||||
Stable and unstable kernel releases
There has been a set of stable kernel releases (2.6.22.18, 2.6.23.16, and 2.6.24.2), all of which fix the recently
disclosed splice() security hole. This vulnerability is an easy
root exploit on any of the affected systems (almost every kernel from
2.6.17 on), so applying the fix would be a good thing to do.
Meanwhile, Linus has closed the 2.6.25 merge window and released 2.6.25-rc1. It is a huge patch. Among many other things, 2.6.25 will have realtime group scheduling, preemptible RCU, LatencyTop support, a bunch of ext4 filesystem enhancements, the controller area network protocol, Atheros wireless support, the reworked timerfd() system call, the page map patches, the SMACK security module, the container memory use controller, the ACPI thermal regulation API, and support for the MN10300/AM33 architecture. See the short-form changelog for lots of details, or the long changelog for more detail than anybody can cope with. (Log in to post comments)
Superb Fast splice() Fix. Posted Feb 12, 2008 0:12 UTC (Tue) by brianomahoney (subscriber, #6206) [Link]
Let me thank Greg K-H and the stable team for their
timely work, it maintains the Very High standard of
professionalism that we have come to expect.
I smell a FUD campaign, there have been too many FOSS
exploits in the news in recent days so I hope:
(i) Following Linus' and Andrew's comments we get more
introspection/testing
(ii) PJ keeps an eye out
we are due for more anti-Linux reports.
Brian
Superb Fast splice() Fix. Posted Feb 12, 2008 12:24 UTC (Tue) by nowshining (guest, #50466) [Link] the patch for 2.6.24.2 that I used didn't update the version number, it just stayed at 2.6.24.1 and i had to try re-patching a second time to get it to work, anyway my kernel reports 2.6.24.1 and after patching and re-trying another compile - 2nd time, I re-tried the exploit and it doesn't work no more. :) that means that the patch took.. nowshining@botnetgodalphamale:~/Desktop$ uname -r 2.6.24.1-botnetgodalphamale nowshining@botnetgodalphamale:~/Desktop$ ./exploit ----------------------------------- Linux vmsplice Local Root Exploit By qaaz ----------------------------------- [+] mmap: 0x0 .. 0x1000 [+] page: 0x0 [+] page: 0x20 [+] mmap: 0x4000 .. 0x5000 [+] page: 0x4000 [+] page: 0x4020 [+] mmap: 0x1000 .. 0x2000 [+] page: 0x1000 [+] mmap: 0xb7fb0000 .. 0xb7fe2000 [-] vmsplice: Bad address nowshining@botnetgodalphamale:~/Desktop$ however the only problem I had was when compiling the kernel and I just re-tried (the exploit) for fun and it pretty much made the system a pain to reboot, and i could NOT start or stop any processes, so in the end I had to hard reboot, altho when i did try the exploit, programs did open up, somewhat and operate fine but the compile stopped and cpu went to 0%, it was actually only trying to exit the terminal that it became blank, and a new shell/terminal wouldn't load properly, etc.. oh well :) > by the way I stayed up all night so my brain is a bit slow right now. ^_^, also that was the first time I patched a kernel & compiled it successfully.
Superb Fast splice() Fix. Posted Feb 12, 2008 12:26 UTC (Tue) by nowshining (guest, #50466) [Link] oh and yes if anyone is wondering i used the patch from kernel.org.
|
|||||||||||