[Bug 413656] Re: Local root exploit via CVE-2009-2692 (incorrect proto_ops initializations)
Kees Cook
kees at ubuntu.com
Fri Aug 14 21:11:01 UTC 2009
SELinux is not a default on Ubuntu, but if it is enabled, the work-
arounds above could be used instead.
** Description changed:
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
WORK-AROUND:
Ubuntu 8.04 and later have a default setting of 65536 in
/proc/sys/vm/mmap_min_addr. When set, this issue is blocked. If your
value is 0, please purge the "wine" and "dosemu" packages, and reset the
value:
sudo apt-get purge wine dosemu
echo 65536 | sudo tee /proc/sys/vm/mmap_min_addr
On Ubuntu 6.06 (Dapper), the following configuration will work around
the issue (note this disables IPv6):
sudo -s
cat > /etc/modprobe.d/mitigate-2692.conf << EOM
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
+ install x25 /bin/true
install ipx /bin/true
install appletalk /bin/true
EOM
/etc/init.d/bluez-utils stop
rmmod pppoe pppox ppp_generic slhc ax25 x25 irda crc_ccitt ipx ipv6 appletalk rfcomm l2cap bluetooth
--
Local root exploit via CVE-2009-2692 (incorrect proto_ops initializations)
https://bugs.launchpad.net/bugs/413656
You received this bug notification because you are a member of Kernel
Bugs, which is subscribed to linux-source-2.6.15 in ubuntu.
More information about the kernel-bugs
mailing list