Bugtraq mailing list archives
Re: Linux 2.1.115 oops (demo and fix)
From: chris () CYBERNET CO NZ (Chris Wedgwood)
Date: Fri, 14 Aug 1998 15:05:25 +1200
On Thu, Aug 13, 1998 at 07:02:40PM +0100, Duncan Simpson wrote:
2.1.115 devpts contains a bug that can prevent you from unmounting file systems and the exploit program sticks in uninteruptable sleep until you reboot. It may be possible to trash kernel data structures using the bug with difficulty. I have yet to both ends of a pty using ptmx and devpts. I assume other version are vulnerable too.
[...] Why is this even on BugTraq? I assume almost everyone (including Aleph One) knows that 2.1.x is a _development_ kernel version so bug should be reported to linux-kernel () vger rutgers edu or security-audit () ferret lmh ox ac uk where hopefully somebody can and will deal with it in a timely fashion, and any fixes supplied will be greatfully accepted and verified by the kernel gurus. Anybody who runs 2.1.x on a production server and has it blow up or whatever, deserves what they get. In short, don't use 2.1.x for production/stable systems, use 2.0.x or wait for 2.2.x. Similar arguments apply to development releases of *BSD, etc. -Chris
Current thread:
- Re: Eudora executes (Java) URL, (continued)
- Re: Eudora executes (Java) URL James Wetterau (Aug 11)
- Re: Eudora executes (Java) URL Alec Kosky (Aug 11)
- Re: Eudora executes (Java) URL John D. Hardin (Aug 11)
- Cisco IOS software security notice security-alert () cisco com (Aug 12)
- Re: Eudora executes (Java) URL High Tide (Aug 12)
- Re: RotoRouter 1.0 - Traceroute log & fake Julian Assange (Aug 11)
- DoS in Flowpoint 2000 DSL routers Jason Ackley (Aug 11)
- Re: DoS in Flowpoint 2000 DSL routers Tom (Aug 11)
- Re: DoS in Flowpoint 2000 DSL routers Jason Ackley (Aug 12)
- Linux 2.1.115 oops (demo and fix) Duncan Simpson (Aug 13)
- Re: Linux 2.1.115 oops (demo and fix) Chris Wedgwood (Aug 13)
- [rootshell] Security Bulletin #22 DeadSock (Aug 14)
- Linux 2.1.115 devpts bug improved fix Duncan Simpson (Aug 13)