Kernel security flaw??

sktsee sktsee at tulsaconnect.com
Sun Feb 24 22:22:42 UTC 2008


On Sun, 24 Feb 2008 16:47:32 -0500, geoffrey froner wrote:

> I saw the following report at the Gentoo site.  Not being an expert with
> Linux, I am at a loss to understand the impact.  Is this something
> Ubuntu users need be concerned?  Is there already a patch for this
> problem?
> 
> "Two *major security flaws in the Linux kernel* were reported last
> weekend. Both flaws have the same impact (*root access for local users*)
> and both exist within the vmsplice() system call, which was added to the
> kernel in 2.6.17. There is no configuration option to exclude vmsplice()
> so *everyone is vulnerable."
> 
> 
Fix was released on Feb 12 for 6.10, 7.04. 7.10, and for 6.06LTS on Feb 
13.

--sktsee





More information about the ubuntu-users mailing list