Slashdot Mirror


Linux 2.4.24 Release Fixes Root Vulnerability

diegocgteleline.es writes "Linux Kernel 2.4.24 has been released and is available on kernel.org. It seems there's a bug in the mremap(2) system call, where a local user can get root privileges.The new version has been released only with the most important bugs fixed - the rest of the changes have been postponed (those changes include the XFS filesystem)."

2 of 436 comments (clear)

  1. Re:This is why I love free (as in beer) software.. by irc.goatse.cx+troll · · Score: 1, Troll

    You confuse Linux community with Open Source community. OpenBSD is also opensource, but that doesn't mean he announced the local vulns out there that would allow any user to bring down your server. You had to complain on the obsd mailinglist and have someone send you a patch, which is really pretty sad.

    --
    Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
  2. Re:2.4.x? by mentin · · Score: 1, Troll

    Interesting. Yesterday we flamed MS for dropping support of Windows 98, which is 5 years old, and today we are proposing to drop support of 2 weeks old kernel.

    --
    MSDOS: 20+ years without remote hole in the default install