lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <37114.1300132649@localhost>
Date:	Mon, 14 Mar 2011 15:57:29 -0400
From:	Valdis.Kletnieks@...edu
To:	Justin <wellspring3@...il.com>
Cc:	Steven Rostedt <rostedt@...dmis.org>, linux-kernel@...r.kernel.org
Subject: Re: milw0rm rootkit

On Mon, 14 Mar 2011 12:28:11 PDT, Justin said:
> Yes, she runs 2.6.34.8-68.fc13.i686.PAE

Which is the most recently released Fedora 13 kernel, from Feb 24,
so not ancient...

> I know this is for the kernel... The C file seems to exploit a
> vulnerability in the kernel, so I thought I should let the kernel
> people know so they could patch it upstream.

Toss the .c file to 'security@...nel.org', that's what it's there for.
If you have enough kernel savvy to figure out what's getting abused,
cc: the subsystem maintainer.  But if you don't, that's OK too,
somebody reading security@ will handle that if needed.


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ