Re: [Bug 190587] Re: Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)

2008-02-12 Thread Michael B. Trausch
On Tue, 2008-02-12 at 19:11 +, Adna rim wrote:
> Means that there is an all or nothing policy? So even if the
> i386-patch would have been created and tested it hadn't been released
> before the patches for generic- and 64bit-kernels had been created and
> released?

IIRC, the kernels are all put into a build queue at the same time.
There is testing before it's sent off to be built by the machines that
build for the repository.  This would not be unlike the way PPA works.

--- Mike

-- 
Michael B. Trausch   [EMAIL PROTECTED]
home: 404-592-5746, 1 www.trausch.us
cell: 678-522-7934   im: [EMAIL PROTECTED], jabber
Ubuntu Unofficial Backports Project:http://backports.trausch.us/

-- 
Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)
https://bugs.launchpad.net/bugs/190587
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


Re: [Bug 190587] Re: Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)

2008-02-12 Thread Michael B. Trausch
On Tue, 2008-02-12 at 18:50 +, Martin Jürgens wrote:
> But honestly, the time frame from the patches being published to
> having security updates in Ubuntu was ~ 48 hours, which is good in my
> opinion. Just compare it to once a month (granted that for such
> critical bugs MS would probably do an exception)

Eh, not necessarily.  Microsoft took 18 months to fix a critical remote
code execution exploit in their TCP/IP stack:

http://www.microsoft.com/technet/security/Bulletin/MS06-032.mspx
http://www.microsoft.com/technet/security/bulletin/ms08-001.mspx

Ubuntu has done most excellently in getting this patched as soon as it
did.  Microsoft likes to sling mud at projects like Ubuntu for the
number of open bugs that there are on the public bug trackers, but there
is no point to it---it's pure FUD.  We can't see what bugs they have in
their internal trackers, and there are probably more of them (and far
worse) than we have in ours.  What we can see is that they take a long
time to close critical security flaws in their operating system, and
that is one of the many reasons there are to use Ubuntu.  Let's not
forget that.  48 hours?  That's hardly nothing.  Even 96 is nothing.

--- Mike

-- 
Michael B. Trausch   [EMAIL PROTECTED]
home: 404-592-5746, 1 www.trausch.us
cell: 678-522-7934   im: [EMAIL PROTECTED], jabber
Ubuntu Unofficial Backports Project:http://backports.trausch.us/


Re: [Bug 190587] Re: Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)

2008-02-11 Thread tonfa
On Tue, Feb 12, 2008 at 03:18:36AM -, Yuri wrote:
> Contrary to what I've been reading, I can confirm this on feisty, at
> least with AMD processor:

Of course feisty is exploitable; it works for 2.6.17-2.6.24.1 (and see
the summary of the bug, 2.6.20 is mentioned).

-- 
:wq
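
An added triage example, not part of the original thread: it classifies kernel release strings against the upstream range quoted above (2.6.17 through 2.6.24.1). The function names and the sample release strings are constructed for illustration; "in-range" only flags a host for follow-up, because a distribution's security update keeps the upstream base version and changes only the package revision.

```shell
#!/bin/sh
# Added example (not from the thread): flag kernel releases whose upstream
# base version falls inside the range the thread gives, 2.6.17 - 2.6.24.1.

# Convert "2.6.24-7-generic" or "2.6.24.1" into one sortable integer.
# Everything after the first "-" (distro ABI/flavour suffix) is dropped.
kver_key() {
    base=${1%%-*}
    case "$base" in
        ''|*[!0-9.]*) return 1 ;;   # reject anything that is not digits and dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $base
    IFS=$old_ifs
    # Missing components count as 0, so 2.6.24 sorts below 2.6.24.1.
    echo $(( ${1:-0} * 1000000000 + ${2:-0} * 1000000 + ${3:-0} * 1000 + ${4:-0} ))
}

# Print "in-range", "out-of-range" or "unparsed" for one release string.
classify_kernel() {
    key=$(kver_key "$1") || { echo "unparsed"; return 0; }
    lo=$(kver_key 2.6.17)
    hi=$(kver_key 2.6.24.1)
    if [ "$key" -ge "$lo" ] && [ "$key" -le "$hi" ]; then
        echo "in-range"
    else
        echo "out-of-range"
    fi
}

# Constructed sample inventory; on a live host use: classify_kernel "$(uname -r)"
for rel in 2.6.15-51-generic 2.6.16 2.6.17-12-generic 2.6.20-16-generic \
           2.6.24-7-generic 2.6.24.1 2.6.24.2; do
    printf '%-20s %s\n' "$rel" "$(classify_kernel "$rel")"
done
```
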



Re: [Bug 190587] Re: Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)

2008-02-11 Thread Ken Simon
Indeed, I ran the hotfix on my desktop last night (gutsy with latest
updates) and as soon as it finished, running programs began to crash.
I wasn't able to see any error messages to dmesg, but the system was
unstable enough that I had to reboot it.  I would *not* recommend
running the hotfix.



Re: [Bug 190587] Re: Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)

2008-02-10 Thread William Pitcock
Hi,

This doesn't work, because it still creates a DoS condition when it
alters your memory map.

On Mon, 2008-02-11 at 07:08 +, slasher-fun wrote:
> Temporary fix :
> 
> * Download http://www.ping.uio.no/~mortehu/disable-vmsplice-if-exploitable.c
> * Compile it using gcc (so "gcc disable-vmsplice-if-exploitable.c -o rm_exploit") as normal user
> * Run it as normal user
> --> You are now protected until the next reboot of the system
>




Re: [Bug 190587] Re: Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)

2008-02-10 Thread Fadi Kaba
Thanks Ante,
How did you test kernel 2.6.15? I have a machine here with kernel 2.6.16 and
might test on it.

On Feb 11, 2008 5:47 PM, Ante Karamatić <[EMAIL PROTECTED]> wrote:

> Fadi, no, 2.6.15 isn't affected. I can't test 2.6.16, but it also
> shouldn't be affected.
>
> --
> Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)
> https://bugs.launchpad.net/bugs/190587
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in Source Package "linux" in Ubuntu: In Progress
> Status in Source Package "linux-source-2.6.17" in Ubuntu: In Progress
> Status in Source Package "linux-source-2.6.20" in Ubuntu: In Progress
> Status in Source Package "linux-source-2.6.22" in Ubuntu: In Progress
> Status in Debian GNU/Linux: Unknown
> Status in Source Package "linux" in Fedora: Unknown
> Status in Gentoo Linux: Unknown
> Status in Mandriva Linux: Unknown
>
> Bug description:
> https://bugs.gentoo.org/show_bug.cgi?id=209460 works on at least Hardy
> 2.6.24-7, Edgy 2.6.17-12, but not on Feisty 2.6.20-16.
>


-- 
Regards,
Fadi Kaba
[EMAIL PROTECTED]
