Date: Tue, 6 Jan 2004 06:03:20 +0300 From: Solar Designer <solar@...nwall.com> To: announce@...ts.openwall.com Cc: owl-users@...ts.openwall.com, lwn@....net Subject: Linux 2.4.23-ow2, Owl 1.1 available for download Hi, Linux 2.4.23-ow2 is out and adds fixes for two Linux kernel vulnerabilities. One of the vulnerabilities, discovered by Paul Starzetz, is in incorrect handling of a boundary case in mremap(2) system call. When properly exploited, this vulnerability may allow any local user and any process to execute arbitrary code with kernel privileges and thus gain root access and bypass restrictions such as cap-bound. More trivial exploits of the same vulnerability result in an instant reboot (local DoS). This vulnerability does not affect Linux 2.2.x and older kernels. The other vulnerability has been discovered by Russell King and results in the real time clock drivers leaking small amounts of kernel internal data to user-space applications via the /dev/rtc device. Such data might be security-sensitive. All of Linux 2.0.x, 2.2.x, and 2.4.x are affected, provided the /dev/rtc device is readable to untrusted users (it isn't on Owl). Linux 2.4.23-ow2 is available for download from: http://www.openwall.com/linux/ Owl 1.1 already includes Linux 2.4.23-ow2 as the kernel. Owl 1.1 release is now available for download from the FTP mirrors listed at: http://www.openwall.com/Owl/DOWNLOAD.shtml Of course, Owl 1.1 remains available for purchase on a CD as well: http://www.openwall.com/Owl/orders.shtml The only versions of Owl affected by one of these two vulnerabilities are Owl-current snapshots dated after 2003/10/20 and up until the date of this announcement. If you're using Owl with a Linux 2.4.x kernel older than 2.4.23-ow2, please upgrade your system to Owl 1.1 or at least upgrade the kernel to 2.4.23-ow2. A updated -ow patch for Linux 2.4.24 will be available shortly, but as 2.4.23-ow2 already includes the critical fixes, there will be no real need to upgrade from 2.4.23-ow2 to 2.4.24-ow1. -- Alexander Peslyak <solar@...nwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.