lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040218165848.GA92706@mail.der-keiler.de> Date: Wed, 18 Feb 2004 17:58:49 +0100 From: Ulrich Keil <ulrich@...-keiler.de> To: bugtraq@...urityfocus.com Subject: Re: [RHSA-2004:065-01] Updated kernel packages resolve security vulnerabilities bugzilla@...hat.com wrote: > Paul Starzetz discovered a flaw in return value checking in mremap() > in the Linux kernel versions 2.4.24 and previous that may allow a local > attacker to gain root privileges. No exploit is currently available; > ... There is an Proof-of-concept exploit available: http://www.derkeiler.com/Mailing-Lists/Securiteam/2004-02/0052.html Ulrich Keil -- http://www.derkeiler.com PGP Fingerprint: 5FA4 4C01 8D92 A906 E831 CAF1 3F51 8F47 1233 9AAD Public key available at http://www.derkeiler.com/uk/pgp-key.asc