LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-13-2005, 04:43 PM   #1
/bin/bash
Senior Member
 
Registered: Jul 2003
Location: Indiana
Distribution: Mandrake Slackware-current QNX4.25
Posts: 1,802

Rep: Reputation: 46
Kernel 2.6.13.1 fixes a couple security flaws.


The two flaws apparently affects all kernels prior to 2.6.13.1.

CAN-2005-2492 is titled, "raw_sendmsg DoS" and could potentially lead to a memory read. According to the change log for 2.6.13, "The result of the read is not returned directly but you may be able to divine some information about it, or use the read to cause a crash on some architectures by reading."

CAN-2005-2490 is titled, "32bit sendmsg() flaw" which could allow for a local attacker to gain root privileges and execute arbitrary commands with those privileges.

http://www.internetnews.com/dev-news...le.php/3548031

$ uname -a
Linux spongebob 2.6.13.1 #1 Tue Sep 13 00:07:46 EST 2005 i686 GNU/Linux
 
Old 09-14-2005, 11:05 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Thanks. Stickied until the next LQ Sec report.
 
Old 09-15-2005, 08:46 AM   #3
TruckStuff
Member
 
Registered: Apr 2002
Posts: 498

Rep: Reputation: 30
FYI, beginning with the 2.6.13 kernel, udev is a requirement for installing the kernel. If you have an older OS w/out udev, you won't be able to upgrade to this series.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Firefox/Mozilla security flaws and 4.10/5.04 t3gah Ubuntu 2 06-03-2005 01:27 PM
Security research suggests Linux has fewer flaws kaon Linux - News 1 03-30-2005 02:24 PM
Redhat 8.0 security fixes Mogh Red Hat 3 09-08-2004 05:22 PM
Three security flaws could be used by an ordinary users to access Linux boxen witeshark Linux - Security 1 02-20-2004 01:45 AM
security flaws threaten unix and linux systems..... Ich_hoffe Linux - Security 1 07-16-2002 06:03 AM


All times are GMT -5. The time now is 11:24 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration