GridPP Colleagues,
In answer to Andrew's comment about lack of information on this vuln...
Here is the EGEE OSCT advisory ... I assume most of you will have already
seen this... But just in case.
Dave K.
------------------------------------------------
Dr David Kelsey
Particle Physics Department
Rutherford Appleton Laboratory
Chilton, DIDCOT, OX11 0QX, UK
e-mail: [log in to unmask]
Tel: +44 (0)1235 445746 (direct)
Fax: +44 (0)1235 446733
------------------------------------------------
-----Original Message-----
From: CSIRTs EGEE [mailto:[log in to unmask]] On Behalf
Of Michal Prochazka
Sent: 14 August 2009 13:48
To: [log in to unmask]
Subject: [EGEE-SECURITY-INCIDENT] Important: CVE-2009-2692 local root
vulnerability
Yesterday a severe vulnerability in the Linux kernel (CVE-2009-2692) was
published, which allows a local user to get root privileges on the machine.
An exploit abusing the bug is publicly available.
All kernels of series 2.4 and 2.6 are vulnerable and vendor patches are not
available yet, however the bug was fixed in the vanilla kernel tree
yesterday.
As a mitigation we recommend to immediately delete or blacklist the
known flawed kernel modules. To do that, you can follow the recommendation
given by RedHat at
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2692#c10. Note that
this precaution may not be exhaustive since it doesn't actually fix the
problem, however it protects against the known exploit.
More information:
Original advisory:
http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html
Information from reporters:
http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html
Fix to the vanilla kernel:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
Regards,
Michal P., on behalf of the EGEE Operational Security Coordination Team
--
Michal Prochazka // [log in to unmask]
Supercomputing Center Brno
Institute of Computer Science
Masaryk University
Botanicka 68a, 60200 Brno, CZ
CESNET z.s.p.o.
Zikova 4, 16200 Praha 6, CZ