Mailing List Archive: Linux Kernel Local Root Exploit

Linux Kernel Local Root Exploit

Feb 11, 2008, 8:40 AM

Post #1 of 5 (2490 views)

Any concert about the Linux Kernel Local Root Exploit as showed in the
Common Vulnerabilities and Exposure site with id's CVE-2008-0009,
CVE-2008-0010, CVE-2008-0600?

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600

gentoo-sources and vanilla-sources are affected among probably others.
--
gentoo-security@lists.gentoo.org mailing list

Re: Linux Kernel Local Root Exploit [ In reply to ]

dominik at d-paulus

Feb 11, 2008, 9:09 AM

Post #2 of 5 (2418 views)

Permalink

Octavio Ruiz wrote:
> Any concert about the Linux Kernel Local Root Exploit as showed in the
> Common Vulnerabilities and Exposure site with id's CVE-2008-0009,
> CVE-2008-0010, CVE-2008-0600?
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
>
> gentoo-sources and vanilla-sources are affected among probably others.

See http://bugs.gentoo.org/show_bug.cgi?id=209460
--
gentoo-security@lists.gentoo.org mailing list

Re: Linux Kernel Local Root Exploit [ In reply to ]

mwspitzer at gmail

Feb 11, 2008, 9:19 AM

Post #3 of 5 (2423 views)

Permalink

On Feb 11, 2008 10:09 AM, Dominik Paulus <dominik@d-paulus.de> wrote:

> Octavio Ruiz wrote:
> > Any concert about the Linux Kernel Local Root Exploit as showed in the
> > Common Vulnerabilities and Exposure site with id's CVE-2008-0009,
> > CVE-2008-0010, CVE-2008-0600?
> >
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
> >
> > gentoo-sources and vanilla-sources are affected among probably others.
>
> See http://bugs.gentoo.org/show_bug.cgi?id=209460
> --
> gentoo-security@lists.gentoo.org mailing list
>
>
There's also a quick rundown here:
http://www.reactivated.net/weblog/archives/2008/02/critical-linux-kernel-vmsplice-security-issues/

Re: Linux Kernel Local Root Exploit [ In reply to ]

chill550 at gmail

Feb 11, 2008, 9:29 AM

Post #4 of 5 (2420 views)

Permalink

This doesnt bypass Trusted Path Execution does it?
If not, is it safe to say users in that special group can still be trusted?

On Feb 11, 2008 9:19 AM, Michael W Spitzer <mwspitzer@gmail.com> wrote:
>
> On Feb 11, 2008 10:09 AM, Dominik Paulus <dominik@d-paulus.de> wrote:
>
> >
> > Octavio Ruiz wrote:
> > > Any concert about the Linux Kernel Local Root Exploit as showed in the
> > > Common Vulnerabilities and Exposure site with id's CVE-2008-0009,
> > > CVE-2008-0010, CVE-2008-0600?
> > >
> > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009
> > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
> > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
> > >
> > > gentoo-sources and vanilla-sources are affected among probably others.
> >
> > See http://bugs.gentoo.org/show_bug.cgi?id=209460
> >
> >
> >
> > --
> > gentoo-security@lists.gentoo.org mailing list
> >
> >
>
> There's also a quick rundown here:
> http://www.reactivated.net/weblog/archives/2008/02/critical-linux-kernel-vmsplice-security-issues/
>
--
gentoo-security@lists.gentoo.org mailing list

Re: Linux Kernel Local Root Exploit [ In reply to ]

tomhek at xs4all

Feb 11, 2008, 9:47 AM

Post #5 of 5 (2430 views)

Permalink

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Does anybody know when gentoo-sources-2.6.23-r8 becomes available for
PPC (32bit)?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkewfBkACgkQStmJ9+mkUHMxrgCeIVQrR1S/toBc/eP+RDErVPyB
cFUAnA0jCrlFmB1OyJjUTxUvz8tV5Fog
=2Eb0
-----END PGP SIGNATURE-----
--
gentoo-security@lists.gentoo.org mailing list