[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [suse-security] fix for new elf loader bug?
> From: Frank Steiner [mailto:fsteiner-mail@xxxxxxxxxxxxxx]
> Marcus Meissner wrote
> > If it applies and builds correctly, yes.
> Ok, thanks!
> > However, the full final approved fix for all the issues involved might
> > be still pending.
> Yes, I'm aware of the difference of my self-patched kernel and an official
> SuSE release :-) No question that you do the more intensive and better
> testing! I just want a quick fix for now and don't mind to upgrade again
> after you've released the official update, possibly with more fixes.
An immediate hotfix that requires no patching or updates is to disable core
As mentioned in http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt
(This is from the guy who discovered this problem - see
"A hotfix for this vulnerability is to disallow
processes to drop core. This can be accomplished by setting the hard
core size limit for users to 0 (e.g. ulimit -H -c 0, man limits.conf)."
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here