Ptrace vulnerability in kernels <2.4.21-pre6
archaic at indy.rr.com
Tue Apr 22 18:29:57 PDT 2003
This is old news to some, but anyway....
<quoting Alan Cox>
The Linux 2.2 and Linux 2.4 kernels have a flaw in ptrace. This hole
allows local users to obtain full privileges. Remote exploitation of
this hole is not possible. Linux 2.5 is not believed to be vulnerable.
You can download 2.4.21-pre6 or later, or 2.5.x or patch earlier
kernels. The patch for the 2.4.20 kernel is here:
The thread starts here:
NOTE: This patch is known to break some code out there. For details,
read the thread.
Non-cooperation with evil is as much a duty as cooperation with good.
- Mohandas Gandhi
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message
More information about the lfs-security