On Thursday 05 November 2009, Robert Bradbury wrote:
> There was discussion on /. today about there being a potential bug
> which allows users to obtain root privileges. Apparently it's been
> fixed in BSD but may still be a problem in RedHat distributions. It
> is supposed to be fixed in the kernel but only as of 2.6.32.
>
> Is the fix being back-ported to 2.6.31 or should people plan/attempt
> to run the kernel directly from kernel.org sources before they make
> it into the Gentoo releases?

I am not part of the kernel maintainers, but from what I see stabling a 2.6.31 release usually means stabling the latest released patch. I assume Linux stable maintainers (upstream) will incorporate the NULL dereference patch into an upcoming release (2.6.31.6?).

As far as exploitability is concerned, in default configurations of gentoo-, vanilla- and hardened-sources this bug cannot be exploited to escalate privileges beyond a kernel panic. The security team is tracking the vulnerability in this bug:
https://bugs.gentoo.org/show_bug.cgi?id=291904

We have recently extended our team with Björn (asym) who will be working closer with our kernel maintainers and improve developer (and user!) tools to keep systems secure. But I won't spoil the fun of explaining that in detail and leave it to him.

Robert