From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mike@fly.osdn.org.ua>
Date: Thu, 7 Dec 2006 11:28:13 +0200
From: Michael Shigorin <mike@osdn.org.ua>
To: sysadmins@lists.altlinux.org
Message-ID: <20061207092813.GQ21076@osdn.org.ua>
Mail-Followup-To: sysadmins@lists.altlinux.org, Sergey Vlasov <vsu@altlinux.ru>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="C+ts3FVlLX8+P6JN"
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
Cc: Sergey Vlasov <vsu@altlinux.ru>
Subject: [Sysadmins] SI: e100 => local kernel privilege escalation
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.9rc1
Precedence: list
Reply-To: shigorin@gmail.com,
	ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
List-Id: ALT Linux sysadmin discuss <sysadmins.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sysadmins>
List-Post: <mailto:sysadmins@lists.altlinux.org>
List-Help: <mailto:sysadmins-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Dec 2006 09:28:30 -0000
Archived-At: <http://lore.altlinux.org/sysadmins/20061207092813.GQ21076@osdn.org.ua/>
List-Archive: <http://lore.altlinux.org/sysadmins/>


--C+ts3FVlLX8+P6JN
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Summary:
A vulnerability exists in all PCI, PCI-X and PCIe Intel network
adapter drivers that could allow unprivileged code executing on
an affected system to perform a local privilege escalation.

Description:
This vulnerability is due to a buffer overflow that could be
caused by incorrect use of a function call. This condition could
allow unauthorized code to be introduced that could be run with
kernel-level privileges.

e100:  vulnerable <=3D 3.5.14, fixed >=3D 3.5.17
e1000: vulnerable <=3D 7.2.7,  fixed >=3D 7.3.15

http://www.intel.com/support/network/sb/CS-023726.htm

2 vsu: =D0=CF=CC=D5=DE=C9=D4=D3=D1 =CC=C9 =D7=D9=D0=D5=D3=D4=C9=D4=D8 =CF=
=C2=CE=CF=D7=CC=C5=CE=C9=C5 =D1=C4=D2=C1 =C4=CC=D1 ALM2.4?
(=C9=CC=C9 =D3=C1=CD=CF=CD=D5 =D3=CF=C2=C9=D2=C1=D4=D8 vs-smp)

--=20
 ---- WBR, Michael Shigorin <mike@altlinux.ru>
  ------ Linux.Kiev http://www.linux.kiev.ua/

--C+ts3FVlLX8+P6JN
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFFd96tbsPDprYMm3IRAr2/AKC5Gs0N8XenRTrol0+/f3BUP8cQkQCguoyI
V86JXb4P9PUew+YcV85b6CI=
=CPTn
-----END PGP SIGNATURE-----

--C+ts3FVlLX8+P6JN--