Kernel 2.6.17 - 2.6.24 Security Flaw

  • user warning: Table 'cache' is marked as crashed and should be repaired query: SELECT data, created, headers, expire FROM cache WHERE cid = 'filter:1:a9339a3367cfb1c5c0724df10369ad25' in /home/dowdle/public_html/montanalinux/includes/database.mysql.inc on line 121.
  • user warning: Table 'cache' is marked as crashed and should be repaired query: UPDATE cache SET data = '<p>I know I\'m probably the only one in HelenaLUG using this distro, but this morning I found updates to every kernel currently supported in PCLinuxOS. Theirs is fixed.<br />\n--------------------<br />\nHave an Awesome Day!<br />\n<a href=\"http://www.pclinuxos.com/\">My Linux OS of Choice</a><br />\n<a href=\"http://www.pclosmag.com/html/enter.html\">PCLinuxOS Magazine Online</a></p>\n<br class=\"clear\" />', created = 1410960954, expire = 1411047354, headers = '' WHERE cid = 'filter:1:a9339a3367cfb1c5c0724df10369ad25' in /home/dowdle/public_html/montanalinux/includes/database.mysql.inc on line 121.
|

Just so you are aware... two days ago a bug was announced in Linux kernels 2.6.17 and above... that will give a local user root access. Here's info with the exploit code:

http://www.securityfocus.com/bid/27704/info

I have verified that the exploit compiles and works. I was able to get root on stock Fedora, RHEL and CentOS machines running the 2.6.18 or above kernels. Supposedly all distros running a 2.6.17 or later kernel are affected... even those running with the grsecurity patches.

I was unable to get root on an OpenVZ patched kernel but the exploit did cause a kernel panic that locked the machine I tried it on. I didn't want to crash any more machines so I didn't try any more. I've heard (but have not verified) that Linux-Vserver is affected on both the host node and inside of containers although exploits done within containers only get root of the container and are still trapped inside of it. Your milage may vary. Kernels prior to 2.6.17 are not affected. I hope vendors have fixes for this RSN... although I have heard that the current fix is not complete.

Update: The bug got fixed upstream late Sunday... and has found its way into a number of distro updates including Debian, rPath, Fedora, and PCLinuxOS. Red Hat, after the QA process, just released this morning (Tuesday). It seems that distros or kernel releases based on distro release updates will take a bit longer... CentOS and OpenVZ for example.

Update: 02/13/08 CentOS has released updated kernel packages.


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Joble's picture

PCLinuxOS has fixed their kernels

I know I'm probably the only one in HelenaLUG using this distro, but this morning I found updates to every kernel currently supported in PCLinuxOS. Theirs is fixed.
--------------------
Have an Awesome Day!
My Linux OS of Choice
PCLinuxOS Magazine Online


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.