PaX privilege elevation security bug
robert at linuxfromscratch.org
Mon Mar 7 09:38:52 PST 2005
On March 7, 2005 10:06 am, pinotj at club-internet.fr wrote:
> >it seems that there is a critical bug in PaX.
> >Here is the posting from the Full Disclosure list:
> > Timo
> The grsecurity team did an update to their patch in the same time:
> The question is about keeping PaX in hlfs
Its a local vulnerability. Everyone is encouraged to upgrade, its available
for 2.6.11 I think. I'm waiting for 2.6.11 sterilized headers before
upgrading the book.
As for keeping PaX. I'm sure we're better off with it than without it, even
with occasional vulnerabilities. This one was found by the developers before
anyone was exploited.
More information about the hlfs-dev