------------------------------------------------------------------------
Yet Another Local Root Exploit in Linux Kernel 2.6
http://nic.phys.ethz.ch/news/1153139440
Although a [1]local root exploit was fixed recently in some versions of the Linux 2.6 kernel, resulting in kernel 2.6.17.4, [2]on Friday night another [3]local root exploit using a [4]race condition in the [5]/proc file system ([6]CVE-2006-3626) became public, this time affecting all previous 2.6 kernels. On Saturday morning kernel [7]2.6.17.5 was released, which fixed this vulnerability. The developers then noticed that the fix was "a bit too draconic", meaning that in some cases it prevented too much, and released [8]2.6.17.6 on Sunday.
So if you run a computer with a Linux 2.6 kernel older than 2.6.17.5, please update to 2.6.17.6 as soon as possible. If you already updated to kernel 2.6.17.5 this weekend and it works for you, that is fine, too.
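To check a host against the versions named above, the following script classifies a kernel release string as printed by `uname -r`. It is an added example, not part of the original announcement; the function name `classify_kernel` and the result labels are assumptions made for illustration, and it assumes kernel.org version numbering.

```shell
#!/bin/sh
# Added example (not from the original announcement).
# Classifies a kernel release string against the versions in the text:
#   2.6 kernels before 2.6.17.5 -> affected
#   2.6.17.5                    -> fixed (but stricter than necessary)
#   2.6.17.6                    -> recommended
# Anything else is reported as not-covered, because the announcement
# only speaks about 2.6 kernels up to 2.6.17.6.
# Assumption: kernel.org numbering. A distribution kernel's version
# string may not map onto these numbers; check the vendor's advisory.

classify_kernel() {
    rel=$1
    case $rel in
        [0-9]*.[0-9]*) ;;                 # looks like a version number
        *) echo unknown; return 0 ;;
    esac
    # Keep only the leading digits and dots, dropping suffixes such as
    # "-2-686" or "-custom".
    ver=$(printf '%s\n' "$rel" | sed 's/^\([0-9][0-9.]*\).*$/\1/; s/\.$//')
    old_ifs=$IFS; IFS=.
    set -- $ver                           # split into numeric components
    IFS=$old_ifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}; stable=${4:-0}

    if [ "$major" -ne 2 ] || [ "$minor" -ne 6 ]; then
        echo not-covered
    elif [ "$patch" -lt 17 ]; then
        echo affected
    elif [ "$patch" -gt 17 ]; then
        echo not-covered
    elif [ "$stable" -lt 5 ]; then        # 2.6.17 up to 2.6.17.4
        echo affected
    elif [ "$stable" -eq 5 ]; then
        echo fixed
    elif [ "$stable" -eq 6 ]; then
        echo recommended
    else
        echo not-covered
    fi
    return 0
}

# Classify the running kernel, or a release string given as argument.
classify_kernel "${1:-$(uname -r)}"
```
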
References
1. http://nic.phys.ethz.ch/news/1152791277/index_html
2. http://seclists.org/lists/fulldisclosure/2006/Jul/0312.html
3. http://seclists.org/lists/fulldisclosure/2006/Jul/att-0312/h00lyshit_c
4. http://en.wikipedia.org/wiki/Race_condition
5. http://en.wikipedia.org/wiki/Proc_file_system
6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3626
7. http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5
8. http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.6
------------------------------------------------------------------------
ISG Department Physik isg@phys.ethz.ch