[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] holes in linux kernel < 2.4.20?

Roman Drahtmueller wrote:

> There is a lot of work in these kernels - with more than 1000 kernel
> modules and 100MB+ code to compile, there are many ways that errors
> happen. Keep in mind that the SuSE kernels contain code that is not
> present in the official kernel tree (but might appear there in the
> future).

That's exactly why I like the SuSE kernels :-) 

> Concerning the fixes: There are multiple flaws in there, yes. But if you
> worry about losing some bytes of memory if you unplug a joystick (just a
> demonstrative example) and consider this a security problem, I can't help
> you. 

Well, don't get me wrong... I didn't invertigate much, just seeing the
hint for the fix for the 2.4.19 kernel and looking at this specific
point without reading much about the vulnerability. It's just that
you have an unconfident feeling when Heise writes about a kernel
bug :-)
I know that the SuSE kernels provide much stuff which is not official
and often enough I really needed exactly this, so I will wait for the next
release ;-)

Best regards,

Dipl.-Inform. Frank Steiner        mailto:fst@xxxxxxxxxxxxxxxxxxxxxx
Lehrstuhl f. Programmiersprachen   mailto:fsteiner@xxxxxx
CAU Kiel, Olshausenstraße 40       Phone: +49 431 880-7265, Fax: -7613
D-24098 Kiel, Germany              http://www.informatik.uni-kiel.de/~fst/

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here