Account
♦ Password
♦ Mailsetup
♦ Info
Services
♦ Workstations
  ♣ Linux
  ♣ MacOS
♦ E-Mail
♦ Chat
♦ Files
♦ Backups
♦ Printers
♦ Network
♦ Statistics
♦ Downloads
♦ Links
News
♦ Newsletter
♦ Submit
♦ Search
Readme
Hacks
♦ Linux
Tools
Contact
About


  Local root exploit for all Linux kernels from 2.6.17 to 2.6.24.1
Security Posted by Axel Beckert on Monday February 11, @04:08PM
from the reboot dept.
Last weekend two local root exploits have been released to the public, one that affects 2.6.23 up to 2.6.23.14 and 2.6.24 (CVE-2008-0009, CVE-2008-0010) and one that affects all versions beginning with 2.6.17 and up to 2.6.22.17, 2.6.23.15, and 2.6.24.1 (CVE-2008-0600). There are new kernel releases available which fix these issues: 2.6.22.18, 2.6.23.16, and 2.6.24.2.

About half of our managed Linux workstations are already running a patched 2.6.24.1 kernel, the rest will be rebooted this evening after 10:00pm. Please logout this evening before you go home, save all unsafed work and don't start any long running jobs. To see if your workstation is still affected, check our Big Brother: All workstations where the updates column ("upd") is yellow are not yet rebooted. You may also reboot your workstation yourself earlier.

A nice summary about these issues can be found in this blog posting.

<  |  >

 

  Related Links
  • Articles on Security
  • Also by Axel Beckert
  • Contact author
  • The Fine Print: The following comments are owned by whoever posted them.
    ( Reply )

    © 2003 ISG, Departement Physik, ETH Zürich, <isg@phys.ethz.ch>