From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1P9Fin-0001LM-Bl for garchives@archives.gentoo.org; Fri, 22 Oct 2010 11:23:41 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7A285E07CE; Fri, 22 Oct 2010 11:21:33 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 56BE7E07CE for ; Fri, 22 Oct 2010 11:21:33 +0000 (UTC) Received: from [192.168.3.7] (cpe-74-77-194-18.buffalo.res.rr.com [74.77.194.18]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPSA id C67F41B4195 for ; Fri, 22 Oct 2010 11:21:32 +0000 (UTC) Message-ID: <4CC173A4.1080106@gentoo.org> Date: Fri, 22 Oct 2010 07:21:08 -0400 From: "Anthony G. Basile" User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100912 Lightning/1.0b3pre Lanikai/3.1.3 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 To: gentoo-hardened@lists.gentoo.org Subject: [gentoo-hardened] Security notice for hardened users. X-Enigmail-Version: 1.1.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: d5893130-a14b-4921-b4ca-33699f62526f X-Archives-Hash: ed9877c813ad3796b9cb2e19de7b90c2 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all hardened users. On Oct. 19, a local privilege escalation exploit was found [1,2] that affected hardened kernels on all architectures. For certain configurations of the hardened kernel, it is possible for a local user to obtain root privileges. The current Proof-Of-Concept code can be frustrated by not providing symbol information via /proc/kallsyms or System.map, but at this time it is unclear if other hardening features such as CONFIG_PAX_MEMORY_UDEREF provide adequate protection against variations of the POC which do not need symbols. All users are encouraged to upgrade to hardened-sources-2.6.32-r22 which is currently marked stable on amd64 and x86. It is being fast tracked on other archs. [3] hardened-sources-2.6.35-r4 is also not vulnerable, but cannot be stabilized yet because of a bug in dhcp which also affects gentoo-sources-2.6.35-r4. [4] For those who want kernels > .32 and can live with the minor bug, you can safely use hardened-sources-2.6.35-r4. Later this week, all ebuild for vulnerable kernels will be removed from the tree, except for hardened-sources-2.6.34-r6 hardened-sources-2.6.32-r9 and hardened-sources-2.6.28-r9. These will be kept for continuity. Ref: [1] http://www.vsecurity.com/resources/advisory/20101019-1/ [2] http://bugs.gentoo.org/show_bug.cgi?id=341801 [3] http://bugs.gentoo.org/show_bug.cgi?id=341915 [4] http://bugs.gentoo.org/show_bug.cgi?id=334341 - -- Anthony G. Basile, Ph.D. Gentoo Developer -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzBc6QACgkQl5yvQNBFVTW5ZACfYee41wo/CB227ZWrt2X5x4sG vxoAoKGpVvtXB48Sl/urvqqPenjpiq3x =P+g7 -----END PGP SIGNATURE-----