The Haus

Thursday, February 19, 2004

Linux Kernel Exploit

Somebody needs to shoot whoever wrote the mremap() system call in the Linux kernel. A new exploit was found in it which could give root permissions to a local user or DOS the memory system. Affected kernel versions are <= 2.2.25, <= 2.4.24 and <= 2.6.2. Linux himself confirms that 2.4.25 and 2.6.3 fix the problem. Here is the security notice for your perusal. Check with your vender for a new kernel or snag the code at

Having said all of this, as annoying as this bug is, you need local shell access to exploit it. If people you don't know or trust can get that at your box, you probably have greater problems. Obviously, ISPs and the like will need this update. I'm compiling as I type this.

UPDATE! Great! KDE 3.2's arts doesn't get along with the version of ALSA in the 2.6.3 kernel. Sigh.

News for 02/19/2004

Recent Headlines

January 5, 2015: It Returns!
August 10, 2007: SCO SUCKS IT DOWN!
July 5, 2007: Slackware 12.0 Released
May 20, 2007: PhpBB 3.0 RC 1 Released
February 2, 2007: DOOM3 1.31 Patch

January 27, 2007: Join the World Community Grid
January 17, 2007: Flash Player 9 for Linux
December 30, 2006: Darkness over Daggerford 1.2
December 19, 2006: Pocket Tunes 4.0 Released
December 9, 2006: WRT54G 1.01.1 Firmware OK with Linux/Mac

All original information on this website is copyright © TheHaus.Net, 1999-2005. The use of original images, text, and/or code from this website without expressed written consent is prohibited. The authors of this site cannot be held responsible for any damage, real or imagined, which comes from the use of information presented on this site. All trademarks used are the properties of their respective owners. This site is not to be used as a floatation device (but if you try, I want a video tape of it).