Kernel vulnerability
Lisa Kachold
lisakachold at obnosis.com
Fri Aug 14 14:22:29 MST 2009
Hi Paul!
On 8/14/09, Paul Mooring <drpppr242 at gmail.com> wrote:
> Anybody seen this?
> http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html
Yes, we regularly review the kernel-level NULL dereference pointers and
their potential for exploit.
This is an OLD basic level C stack issue that comes up in various ways
(glibc, ssh, etc.)
Linus did provide a patch, which requires a recompile for you custom
kernel types.
If you are running SUSE, Red Hat/Fedora, or Debian/Ubuntu, you simply
follow their kernel patch protocol (usually only a reboot).
This is trivial with adequate safety steps (USB NAS, booting to say
LiveCD/USBkey Knoppix and dd existing sources prior to recompile). An
excellent understanding of kernel builds and resurrection in the case
of disaster is recommended.
Without a complete evaluation of your existing kernel and server
utilization, I can't give you a full risk assessment, but certainly
suggest that you maintain all of your systems with the most current
patch levels, should you have any interest in maintaining pwnership
and uptime.
> and more importantly is there someone more knowledgeable than me that can
> tell me a way to check if my systems are affected by this? (I'm using
> mostly all custom compiled kernels).
--
http://linuxgazette.net/165/kachold.html
(623)239-3392
(503)754-4452 www.obnosis.com