[vox] Linux Kernel Security (updates to patches)
dugan at passwall.com
Sat Jun 19 20:34:46 PDT 2004
For those of you who are running with the openwall linux kernel security
patches, a new version was released which adds security against a number
of security holes not patched in the present 2.4.26 series kernel.
"This update fixes multiple security-related bugs in the Linux kernel
as well as two non-security bugs in the patch itself.
The now corrected Linux kernel issues include:
- Many security-related bugs discovered by Al Viro based on his run
of the Sparse source code checking tool over Linux 2.6.x, with the
fixes later back-ported to 2.4.x (CAN-2004-0495);
- The now widely publicized fsave/frstor local DoS on x86
- A leak of potentially sensitive data from uninitialized kernel
stack locations in the Intel PRO/1000 Gigabit Ethernet driver
- A use of a just-freed data structure in the procfs code, resulting
in undefined behavior should the memory get re-allocated for another
- Two security-related IA64-specific bugs: a local DoS (CAN-2004-0477)
and an infoleak (CAN-2004-0565);
- The potential buffer overflow in panic(), even though there's no
known way to trigger it and no known way to exploit it once triggered
due to the nature of panic().
More information about the vox