http://www.phoronix.com/scan.php?page=n ... px=MTMxMTg
The article says this recently uncovered exploit affects kernels from 3.3 and up, but other sources claim earlier kernels are also affected.
Which is true and is this something a Mint user should worry about much? Here's hoping this gets fixed quickly and a kernel update is soon to come into the repositories.
Some even theorize this exploit was purposely planted to the kernel by CIA or something (seems pretty far out, but these days, who knows...)
edit: appears this exploit has already been patched. Anyone know when the kernel update comes to Mint or if it has come already?
Kernel vulnerability discovered
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Kernel vulnerability discovered
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Kernel vulnerability discovered
The fixed kernel 3.5.0-25 is already available in the repos since a couple of days
Code: Select all
3.5.0-25-generic #39~precise1-Ubuntu SMP Tue Feb 26 00:07:14 UTC 2013 x86_64
Re: Kernel vulnerability discovered
Ok that's nice.eanfrid wrote:The fixed kernel 3.5.0-25 is already available in the repos since a couple of daysCode: Select all
3.5.0-25-generic #39~precise1-Ubuntu SMP Tue Feb 26 00:07:14 UTC 2013 x86_64
So what about the 3.2 kernel, I assume it's not affected by this exploit?
Re: Kernel vulnerability discovered
Looks like it's not.dee. wrote:So what about the 3.2 kernel, I assume it's not affected by this exploit?
- from http://seclists.org/oss-sec/2013/q1/432Did you even try to run the exploit on a v3.2 kernel? Or even more
simple, looked at the code of a v3.2 kernel? There is no sock_diag
anywhere in the kernel; there is only inet_diag. And inet_diag hadn't
and still does not have the out-of-bounds access issue. So no, this
bug is non-existent on a v3.2 kernel.