ALT Linux Team development discussions
 help / color / mirror / Atom feed
* [devel] [Fwd: Re: [BUGTRAQ] Linux kernel sysctl() vulnerability]
@ 2001-02-11  9:45 Anton Farygin
  2001-02-11 23:10 ` Dmitry V. Levin
  0 siblings, 1 reply; 4+ messages in thread
From: Anton Farygin @ 2001-02-11  9:45 UTC (permalink / raw)
  To: devel

Мне кажется стоит в ядро патч включить.

Rgds
Anton


-------- Original Message --------
Subject: Re: [BUGTRAQ] Linux kernel sysctl() vulnerability
Date: Sat, 10 Feb 2001 10:28:01 +0100
From: Florian Weimer <Florian.Weimer@RUS.UNI-STUTTGART.DE>
Reply-To: Florian Weimer <Florian.Weimer@RUS.UNI-STUTTGART.DE>
To: BUGTRAQ@SECURITYFOCUS.COM
References:
<Pine.LNX.4.30.0102091259040.32418-100000@ferret.lmh.ox.ac.uk>

Chris Evans <chris@SCARY.BEASTS.ORG> writes:

> There exists a Linux system call sysctl() which is used to query and
> modify runtime system settings. Unprivileged users are permitted to query
> the value of many of these settings.

It appears that all current Linux kernel version (2.2.x and 2.4.x) are
vulnerable.  Right?

Was it really necessary to release this stuff just before the weekend?

The following trivial patch should fix this issue. (I wonder how you
can audit code for such vulnerabilities.  It's probably much easier to
rewrite it in Ada. ;-)

--- sysctl.c    2001/02/10 09:42:12     1.1
+++ sysctl.c    2001/02/10 09:42:26
@@ -1123,7 +1123,7 @@
                  void *oldval, size_t *oldlenp,
                  void *newval, size_t newlen, void **context)
 {
-       int l, len;
+       unsigned l, len;

        if (!table->data || !table->maxlen)
                return -ENOTDIR;

--
Florian Weimer 	                  Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898
_______________________________________________
Devel mailing list
Devel@linux.iplabs.ru
http://www.logic.ru/mailman/listinfo/devel


^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2001-02-12  8:28 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2001-02-11  9:45 [devel] [Fwd: Re: [BUGTRAQ] Linux kernel sysctl() vulnerability] Anton Farygin
2001-02-11 23:10 ` Dmitry V. Levin
2001-02-12  5:36   ` Anton Farygin (Rider_LRN)
2001-02-12  8:28     ` Dmitry V. Levin

ALT Linux Team development discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \
		devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru
	public-inbox-index devel

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.devel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git