Hi,
is there already a patch for the new problem with the elf loader, maybe
in the bitkeeper tree?
http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt
Thanks!
cu,
Frank
--
Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr. 17 Phone: +49 89 2180-4049
80333 Muenchen, Germany Fax: +49 89 2180-99-4049
* Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *
On Fri, Jan 07, 2005 at 04:49:35PM +0100, Frank Steiner wrote:
> Hi,
>
> is there already a patch for the new problem with the elf loader, maybe
> in the bitkeeper tree?
>
> http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt
2.6.10-ac6 contains a fix for the problem - a similar version should hit the BK tree
RSN.
On пт, 2005-01-07 at 15:05 -0200, Marcelo Tosatti wrote:
> On Fri, Jan 07, 2005 at 04:49:35PM +0100, Frank Steiner wrote:
> > Hi,
> >
> > is there already a patch for the new problem with the elf loader, maybe
> > in the bitkeeper tree?
> >
> > http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt
>
> 2.6.10-ac6 contains a fix for the problem - a similar version should hit the BK tree
> RSN.
Looking at the advisory, it affects 2.4, too, where can a patch for it
be found?
* Vasil Kolev ([email protected]) wrote:
> Looking at the advisory, it affects 2.4, too, where can a patch for it
> be found?
in 2.4 bitkeeper, and in 2.4.29-rc1 patch.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
On Sat, Jan 08, 2005 at 12:26:39AM +0200, Vasil Kolev wrote:
> On ????, 2005-01-07 at 15:05 -0200, Marcelo Tosatti wrote:
> > On Fri, Jan 07, 2005 at 04:49:35PM +0100, Frank Steiner wrote:
> > > Hi,
> > >
> > > is there already a patch for the new problem with the elf loader, maybe
> > > in the bitkeeper tree?
> > >
> > > http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt
> >
> > 2.6.10-ac6 contains a fix for the problem - a similar version should hit the BK tree
> > RSN.
>
> Looking at the advisory, it affects 2.4, too, where can a patch for it
> be found?
http://linux.bkbits.net:8080/linux-2.4/[email protected]?nav=index.html|ChangeSet@-1d|[email protected]
Attached.
Frank Steiner wrote:
> Hi,
>
> is there already a patch for the new problem with the elf loader, maybe
> in the bitkeeper tree?
>
> http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt
>
> Thanks!
> cu,
> Frank
I made this very very very very very simple patch for kernel 2.4.28:
http://maphia.flowsecurity.org/patch/uselib-2.4.28.patch
The only thing that an attacker can do is to repeat the exploit and
cause a DoS, but it's hard too.
--
http://www.iosn.it * Amministratore Italian Open Source Network
http://www.fyrebird.net * Fyrebird Hosting Provider - Technical Department