Re: Kernel fchown() exploit status?

From: Michael Buesch
Date: Fri Jul 09 2004 - 04:51:09 EST


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Quoting Chris Wright <chrisw@xxxxxxxx>:
> * Chris White (webmaster@xxxxxxxxxxxxxxxxx) wrote:
> > There was a recent security announcment regarding a vulnerability with
> > the fchown function.
> >
> > Only a few distrobutions (red hat/suse) have fixed the issue, but I've
> > yet to see a general patch for it.
>
> Patches are in both 2.4 and 2.6 bk trees. 2.4.27-rc3 has this fixed.
> There hasn't been a 2.6.8-rc release since the patches went in to 2.6

Is there an exploit available to test if the kernel has
this vulnerability?

- --
Regards Michael Buesch [ http://www.tuxsoft.de.vu ]


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA7ml2FGK1OIvVOP4RAtU7AKCX9p7P389fBEfb1uY0q0VEgKYYfACgjY3x
X4nZPpoLbFJVpRwQOtKCbOk=
=E2bp
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/