Just a heads up. Those of you who are running Debian, CentOS, RedHat and other systems similar. There is a pretty big security flaw on the 64 bit side of these systems now labeled as CVE-2010-3081.

In short: the flaw identified by CVE-2010-3081 (Red Hat Bugzilla bug 634457) describes an issue in the 32/64-bit compatibility layer implementation in the Linux kernel, versions 2.6.26-rc1 to 2.6.36-rc4. The compat_alloc_user_space() function is missing a sanity check on the length argument, and also a check to make sure the pointer to the block of memory in user-space that the process is attempting to write to is valid. This flaw was addressed via the upstream git commit c41d68a5 for the 2.6 Linux kernel.

This function could be abused in other areas of the Linux kernel if the length argument can be controlled from user-space. A known example of this is the compat_mc_getsockopt() function for MCAST_MSFILTER that was introduced in upstream git commit 42908c69 (v2.6.26-rc1).

You can easily fix this by implementing the patch located here: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c41d68a513c71e35a14f66d71782d27a79a81ea6.

As always - if you are stuck - please do not hesitate to contact me offlist - while the patch is from 9/19/10 - many wispa's have not patched their systems simply because they don't know they needed to.

As always - when in doubt check the security lists out :-)

_____________________________________________________________________________________
Glenn Kelley | Principle | HostMedic | www.HostMedic.com
Email: gl...@hostmedic.com
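The two checks the message above says compat_alloc_user_space() was missing, shown as an added example that is not part of the original e-mail and is not kernel code: a user-space C model of carving `len` bytes below a user stack pointer, unchecked and checked. The `model_*` names and the address constants are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model values, not real kernel constants. */
#define MODEL_USER_TOP 0x0000800000000000ULL /* first address above user space */
#define MODEL_USER_SP  0x00007ffffffde000ULL /* sample user stack pointer */

/* 1 if [ptr, ptr+len) lies entirely inside the modelled user range. */
static int model_range_ok(uint64_t ptr, uint64_t len)
{
    if (len > MODEL_USER_TOP)
        return 0;
    return ptr <= MODEL_USER_TOP - len;
}

/* Unchecked form: trusts len and sp, so a large len wraps the
 * subtraction and the result lands far outside user space. */
uint64_t model_alloc_unchecked(uint64_t sp, uint64_t len)
{
    return sp - len;
}

/* Checked form: returns 0 (standing in for NULL) when either check fails. */
uint64_t model_alloc_checked(uint64_t sp, uint64_t len)
{
    uint64_t ptr;

    if (len > sp)                  /* length sanity check: would wrap */
        return 0;
    ptr = sp - len;
    if (!model_range_ok(ptr, len)) /* destination must be user memory */
        return 0;
    return ptr;
}

int main(void)
{
    uint64_t huge = MODEL_USER_SP + 0x1000; /* caller-controlled length */

    printf("unchecked: %#llx\n",
           (unsigned long long)model_alloc_unchecked(MODEL_USER_SP, huge));
    printf("checked:   %#llx\n",
           (unsigned long long)model_alloc_checked(MODEL_USER_SP, huge));
    return 0;
}
```

Callers of the checked form have to treat a 0 return as failure before writing through the pointer.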