I just updated my laptop running Jaunty for the first time in a month and a half . I got the proper new kernel.
Code:Linux mcleese 2.6.28-15-generic #49-Ubuntu SMP Tue Aug 18 18:40:08 UTC 2009 i686 GNU/Linux
I just updated my laptop running Jaunty for the first time in a month and a half . I got the proper new kernel.
Code:Linux mcleese 2.6.28-15-generic #49-Ubuntu SMP Tue Aug 18 18:40:08 UTC 2009 i686 GNU/Linux
Must not be in the stream for 8.04 yet then.
ii linux-image-2.6.24-23-server 2.6.24-23.52 Linux kernel image for version 2.6.24 on x86
ii linux-image-server 2.6.24.23.25 Linux kernel image on Server Equipment.
ii linux-server 2.6.24.23.25 Complete Linux kernel on Server Equipment.
ii linux-ubuntu-modules-2.6.24-23-server 2.6.24-23.37 Ubuntu supplied Linux modules for version 2.
What if your not running Jaunty? Are security patches supposed to be released to older distro's for a given lifespan?
See the previously posted URL:
http://www.ubuntu.com/usn/usn-819-1
http://blog.cr0.org/2009/08/linux-nu...ce-due-to.html
Thursday, August 13, 2009
Linux NULL pointer dereference due to incorrect proto_ops initializations (CVE-2009-2692)
EDIT2: Here is RedHat's official mitigation recommendation
EDIT3: Brad Spengler also wrote an exploit for this and published it. The bug triggering is based on our exploit which leaked to Brad though the private vendor-sec mailing list. He implements the personality trick Tavis and I published in June to bypass mmap_min_addr and also makes use of a feature that allows any unconfined user to gain the right to map at address zero in Redhat's default SELinux policy. He wrote a reliable shellcode for this one that should work pretty much anywhere on x86 and x86_64 machines.
EDIT4: if you use Debian or Ubuntu on your machine, I have specifically updated the kernelsec Debian/Ubuntu GrSecurity packages to protect against this bug and others.
http://kernelsec.cr0.org/
What makes you think you were vulnerable ?
From http://www.ubuntu.com/usn/usn-819-1
So first a cracker would need local access and second that report states Ubuntu 8.04 and later were not vulnerable.A local attacker could exploit this to gain root privileges. By default, Ubuntu 8.04 and later with a non-zero /proc/sys/vm/mmap_min_addr setting were not vulnerable.
In the first instance, if a cracker has local access, you are pwned already.
In the second instance, did you change the settings or are you running an earlier version of Ubuntu ?
There are two mistakes one can make along the road to truth...not going all the way, and not starting.
--Prince Gautama Siddharta
#ubuntuforums web interface
Local access = someone managing to exploit another service that doesn't yield root, but access to the machine. (whether it's poor code and a malicious script on a web server or some other service being exploited)
No, didn't mess with settings and no wine is installed on production equipment.. Just want to keep things current should that setting get tampered with by someone or something else, I'd rather not leave the hole to be potentially exposed.
As I said before, if I have local (physical) access, I have root access. With physical access this is trivial and there is no need to work through such complex algorithms such as kernel or service exploits or root kits or anything like that. Why do you think they keep servers in locked rooms ?
There are two mistakes one can make along the road to truth...not going all the way, and not starting.
--Prince Gautama Siddharta
#ubuntuforums web interface
Bookmarks