From: Anton Farygin <rider@linux.ru.net>
To: devel@linux.iplabs.ru
Subject: [devel] [Fwd: Re: [BUGTRAQ] Linux kernel sysctl() vulnerability]
Date: Sun, 11 Feb 2001 12:45:49 +0300
Message-ID: <3A865F4D.8CADD02B@linux.ru.net> (raw)
Мне кажется стоит в ядро патч включить.
Rgds
Anton
-------- Original Message --------
Subject: Re: [BUGTRAQ] Linux kernel sysctl() vulnerability
Date: Sat, 10 Feb 2001 10:28:01 +0100
From: Florian Weimer <Florian.Weimer@RUS.UNI-STUTTGART.DE>
Reply-To: Florian Weimer <Florian.Weimer@RUS.UNI-STUTTGART.DE>
To: BUGTRAQ@SECURITYFOCUS.COM
References:
<Pine.LNX.4.30.0102091259040.32418-100000@ferret.lmh.ox.ac.uk>
Chris Evans <chris@SCARY.BEASTS.ORG> writes:
> There exists a Linux system call sysctl() which is used to query and
> modify runtime system settings. Unprivileged users are permitted to query
> the value of many of these settings.
It appears that all current Linux kernel version (2.2.x and 2.4.x) are
vulnerable. Right?
Was it really necessary to release this stuff just before the weekend?
The following trivial patch should fix this issue. (I wonder how you
can audit code for such vulnerabilities. It's probably much easier to
rewrite it in Ada. ;-)
--- sysctl.c 2001/02/10 09:42:12 1.1
+++ sysctl.c 2001/02/10 09:42:26
@@ -1123,7 +1123,7 @@
void *oldval, size_t *oldlenp,
void *newval, size_t newlen, void **context)
{
- int l, len;
+ unsigned l, len;
if (!table->data || !table->maxlen)
return -ENOTDIR;
--
Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
_______________________________________________
Devel mailing list
Devel@linux.iplabs.ru
http://www.logic.ru/mailman/listinfo/devel
next reply other threads:[~2001-02-11 9:45 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-02-11 9:45 Anton Farygin [this message]
2001-02-11 23:10 ` Dmitry V. Levin
2001-02-12 5:36 ` Anton Farygin (Rider_LRN)
2001-02-12 8:28 ` Dmitry V. Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3A865F4D.8CADD02B@linux.ru.net \
--to=rider@linux.ru.net \
--cc=devel@linux.iplabs.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Team development discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \
devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru
public-inbox-index devel
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.devel
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git