[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] kernel do_mremap local privilege escalation vulnerability

On Mon, Jan 05, 2004 at 07:48:03PM +0100, Olaf Kirch wrote:
> On Mon, Jan 05, 2004 at 08:34:22PM +0200, Radu Voicu wrote:
> > "Yes, SuSE kernels are vulnerable to this one"
> > "No, we don't know when the patch will be available"
> > 
> > Am I assuming right? :))
> No, the second answer is indeed "now". FTP servers should be
> in the process of syncing them from our staging server.

There is something rather odd about this update.  I have attempted
several times to update the system automatically this evening via YOU,
however despite:

anthony@catfish:~> rpm -qf /boot/vmlinuz

YOU repeatedly attempts to download and install k_athlon.  Obviously,
since this is not what I want (the system is a Pentium III 550Mhz),
I have aborted this update before completion in each case.

Does anyone know what is causing this, and what the fix might be
(obviously I could download the k_deflt package and install it
manually, but prefer to use YOU wherever possible)?


Anthony Edwards

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here