Bugtraq mailing list archives
2.2.0 SECURITY (fwd)
From: aaronl () VITELUS COM (Aaron Lehmann)
Date: Wed, 27 Jan 1999 05:41:59 +0000
A bug has been discovered in the recently released Linux 2.2.0. I suggest going back to Linux 2.0.36 until this nasty bug is fixed. It was later realized that this bug DOES also affect Linux 2.2.0ac1, but only if the core file has permissions 600. KeyID 1024D/73348CA0 Fingerprint 8EFC 7F10 F26C 55A8 458A 38B0 890F 384F 7334 8CA0 Public key available at http://www.vitelus.com/aaronl/pubkey.asc ---------- Forwarded message ---------- Date: Tue, 26 Jan 1999 21:46:06 -0700 (MST) From: Dan Burcaw <dburcaw () terraplex com> To: linux-kernel () vger rutgers edu Subject: 2.2.0 SECURITY There is a bug that works only on the 2.2.0 kernel that will allow root and non-root users to crash the machine (the system reboots). To replicate this bug do following: Take any core file, and as normal user or root run: ldd core The machine will reboot, saying that it cannot get execution permissions for ./core As far as I can tell, this problem only affects x86 machines running 2.2.0. I know that PPC is not affected. Note: This problem does not occur in kernels before 2.2.0, and is apparently fixed in 2.2.0ac1. Thanks to Gennady Gurov (gurov () frii com) for discovering this problem. Dan Terra Firma Design & Terra Soft Solutions, Inc. voice (970) 416-9821 in Fort Collins email dburcaw () terraplex com website http://www.terraplex.com/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo () vger rutgers edu Please read the FAQ at http://www.tux.org/lkml/
Current thread:
- IIS Advisory Update, (continued)
- IIS Advisory Update Marc (Jan 24)
- backdoored tcp wrapper source code Wietse Venema (Jan 21)
- Re: backdoored tcp wrapper source code John Stange (Jan 23)
- SSH 1.x and 2.x Daemon KuRuPTioN (Jan 23)
- Re: SSH 1.x and 2.x Daemon Jan B. Koum (Jan 24)
- Re: SSH 1.x and 2.x Daemon Linux Mailing Lists (Jan 25)
- Re: SSH 1.x and 2.x Daemon KuRuPTioN (Jan 25)
- Re: backdoored tcp wrapper source code John Stange (Jan 23)
- Re: SSH 1.x and 2.x Daemon Alan Olsen (Jan 24)
- baynetworks router DoS Virsoft (Jan 25)
- Re: baynetworks router DoS Neale Banks (Jan 26)
- 2.2.0 SECURITY (fwd) Aaron Lehmann (Jan 26)
- IBM CICS Universal Client 3.x Rude Yak (Jan 27)
- Re: SSH 1.x and 2.x Daemon Yutaka OIWA (Jan 25)
- Call for Papers: UNIX AND WINDOWS NT Fred Donck (Jan 25)
- New IE4 privacy issue aleph1 () UNDERGROUND ORG (Jan 25)
- Re: SSH 1.x and 2.x Daemon Jim Bourne (Jan 25)
- Re: backdoored tcp wrapper source code Wietse Venema (Jan 23)
- LocalSecure Testing Program NSS SDT (Jan 21)
- Re: backdoored tcp wrapper source code John Stange (Jan 24)
- Advisory: IIS FTP Exploit/DoS Attack Marc (Jan 24)
- Re: Advisory: IIS FTP Exploit/DoS Attack Seth McGann (Jan 24)