Slashdot Mirror
Linux 2.4.24 Release Fixes Root Vulnerability
diegocgteleline.es writes "Linux Kernel 2.4.24 has been released and is available on kernel.org. It seems there's a bug in the mremap(2) system call, where a local user can get root privileges.The new version has been released only with the most important bugs fixed - the rest of the changes have been postponed (those changes include the XFS filesystem)."
Was this bug introduced in 2.4.23 or has it been in the 2.4 series all along ?
> should I, Joe Schmoe SysAdmin be afraid of the script kiddies yet?
As soon as an exploit is publicised, yes you should.
Since it's a local exploit it's not as bad as it could be, but I guarantee you if a rootkit didn't already exist, once is being worked on now.
If you trust all your open services to not execute foreign code you can probably doze a bit, but that's walking on a razor's edge.
I remember, back when the last ptrace bug was found, some kind soul created a kernel module that (a) renamed the current ptrace function to something else and (b) implemented a new wrapper function that first checked to see if you were root, before deciding whether to call the old ptrace. Slick!
I'm surprised this sort of workaround hasn't been done for other kernel bugs. It seems it wouldn't even have to be a workaround. A module could actually provide a new, repaired version of the buggy routine. Couldn't it?
I can imagine insmoding a list of "kernel-fix" modules at boot time. Then, every once in a while , I'd upgrade my machines to a new kernel, but without the urgency of getting a new kernel installed RIGHT NOW! to fix a small (code-wise) security problem.