|
|
|
| Digg |
|
|
|
The changelog for kernel 2.6.25.11 includes just a single entry, however, it seems to be so important that the Kernel Stable Team urgently advises users to upgrade the kernel on 64 bit multiple user systems.
The patch by Geman developer Michael Karcher remove an issue in the local descriptor table (ldt) on x86_64 systems. Details of the bug have not yet been disclosed. In his release announcement Greg Kroah-Hartman writes that systems with unrestricted user accounts should definitely be updated. It can be assumed that logged in users are able to escalate their privileges thanks to the bug.
A couple of days ago, the kernel 2.6.25.10 release removed two vulnerabilities both of which affected the x86_64 platform. The first bug affected several drivers and could be exploited to run arbitrary code, or crash the kernel. The second bug affected the "sys32_ptrace()" function in "arch/x86/kernel/ptrace.c" and could cause an overflow of the "refcount" field in the "task_struct" structure, thus causing a number of system errors.
The bugs affect all 2.6.25 series kernels. The kernel development team urgently advises users to install patches.
|
|
|
| ApacheCon US video archive |
|---|
|
All about Apache in 19 talks Watch 19 talks from the ApacheCon US in New Orleans from the convenience of your home or office. Topics are: Scaling Apache 2.x in all dimensions, Securing Communications with your Apache HTTP Server, Scripting your Java Application with BSF 3.0 and much more. |
Comments