I'm a 2 bit operation. Really.
-----Original Message----- From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On Behalf Of Mike Hammett Sent: Monday, September 20, 2010 10:43 PM To: WISPA General List Subject: Re: [WISPA] Kernel Patching There's a difference between a 2 bit operation and 2 bit code. :-p ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com On 9/20/2010 6:51 PM, Marco Coelho wrote: > Thanks for the update. Thank goodness I run only 2 bit code! > > On Mon, Sep 20, 2010 at 6:40 PM, Glenn Kelley<gl...@hostmedic.com> wrote: >> Just a heads up. >> Those of you who are running Debian, CentOS, RedHat and other systems >> similar. >> There is a pretty big security flaw on the 64 bit side of these >> systems now labeled as >> >> CVE-2010-3081 >> >> In short >> The flaw identified by CVE-2010-3081 (Red Hat Bugzilla bug 634457) >> describes an issue in the 32/64-bit compatibility layer >> implementation in the Linux kernel, versions 2.6.26-rc1 to >> 2.6.36-rc4. The compat_alloc_user_space() function is missing a >> sanity check on the length argument, and also a check to make sure >> the pointer to the block of memory in user-space that the process is >> attempting to write to is valid. This flaw was addressed via the upstream git commit c41d68a5 for the 2.6 Linux kernel. >> This function could be abused in other areas of the Linux kernel if >> the length argument can be controlled from user-space. A known >> example of this is the compat_mc_getsockopt() function for >> MCAST_MSFILTER that was introduced in upstream git commit 42908c69 (v2.6.26-rc1). >> You can easily fix this by implementing the patch located here: >> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h= c41d68a513c71e35a14f66d71782d27a79a81ea6. >> As always - if you are stuck -please do not hesitate to contact me >> offlist - while the patch is from 9/19/10 - many wispa's have not >> patched their systems simply because they don't know they needed to. >> As always - when in doubt check the security lists out :-) >> >> >> >> >> _____________________________________________________________________ >> ________________ Glenn Kelley | Principle | HostMedic >> |www.HostMedic.com >> Email: gl...@hostmedic.com >> Pplease don't print this e-mail unless you really need to. >> >> >> >> --------------------------------------------------------------------- >> ----------- >> WISPA Wants You! Join today! >> http://signup.wispa.org/ >> --------------------------------------------------------------------- >> ----------- >> >> WISPA Wireless List: wireless@wispa.org >> >> Subscribe/Unsubscribe: >> http://lists.wispa.org/mailman/listinfo/wireless >> >> Archives: http://lists.wispa.org/pipermail/wireless/ >> > > ---------------------------------------------------------------------------- ---- WISPA Wants You! Join today! http://signup.wispa.org/ ---------------------------------------------------------------------------- ---- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
