[SecurityNotice]Linux Kernel vulnerability
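Posted on Thu 20 August 2009 in What I Use (IT)
Hehe, only a few days after I switched to Ubuntu, a major kernel vulnerability was disclosed. The description is as follows: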
Tavis Ormandy and Julien Tinnes discovered that Linux did not correctly
initialize certain socket operation function pointers. A local attacker
could exploit this to gain root privileges. By default, Ubuntu 8.04
and later with a non-zero /proc/sys/vm/mmap_min_addr setting were not
vulnerable.
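There is also a write-up in Chinese: http://baoz.net/linux-sockops-wrap-proto-ops-local-root-exploit/
Fortunately my karma is solid and I wasn't hit. When I ran update today, the kernel was upgraded to 2.6.28-15.49; I looked it up, and it fixes exactly this problem.
Because this is a kernel flaw, no distribution is spared, whether you run Redhat, Debian or Ubuntu. If you have a Linux machine, take a moment after reading this post to check your kernel version (uname -a) and plug this hole!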
- Ubuntu 9.04 linux-image-2.6.28-15-generic ==> 2.6.28-15.49
- Debian 4.0 2.6.18-6-686 ==> linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-24etch3_i386.deb
- Red Hat Enterprise AS 4 2.6.9-42.ELsmp ==> ??
- Others: search Google for "<distribution> <kernel version> security Tavis"
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36448
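//This link has a solution, but I can't get it to open no matter what. I'll wait until the undersea cables cut by the typhoon have all been repaired.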
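
The check suggested above (kernel version plus the mmap_min_addr setting from the advisory), as an added shell example that is not part of the original post. It assumes the Ubuntu 9.04 fixed version 2.6.28-15.49 quoted above and reads the Ubuntu-specific /proc/version_signature, falling back to uname -r; the function names are illustrative.

```shell
#!/bin/sh
# Added example: classify a host using the fix and the mitigation named in the post.
FIXED_UBUNTU_904="2.6.28-15.49"   # fixed Ubuntu 9.04 kernel, value taken from the post

# ver_ge A B: succeed if A >= B, comparing numeric fields split on '.' and '-'.
ver_ge() {
    a=$(printf '%s' "$1" | tr '.-' '  ')
    b=$(printf '%s' "$2" | tr '.-' '  ')
    set -- $a
    for want in $b; do
        have=${1:-0}
        if [ $# -gt 0 ]; then shift; fi
        # A missing or non-numeric field ("generic") counts as 0, so a bare
        # `uname -r` string without the upload number is never reported as fixed.
        case $have in ''|*[!0-9]*) have=0 ;; esac
        if [ "$have" -gt "$want" ]; then return 0; fi
        if [ "$have" -lt "$want" ]; then return 1; fi
    done
    return 0
}

# assess MMAP_MIN_ADDR KERNEL_VERSION: print patched, mitigated or exposed.
# The version comparison is only meaningful for the Ubuntu 9.04 kernel series.
assess() {
    if ver_ge "$2" "$FIXED_UBUNTU_904"; then
        echo patched
    elif [ "${1:-0}" -gt 0 ] 2>/dev/null; then
        echo mitigated    # non-zero mmap_min_addr, the condition the advisory cites
    else
        echo exposed
    fi
}

# report_host: read the live values where they exist; never fails.
report_host() {
    addr=$(cat /proc/sys/vm/mmap_min_addr 2>/dev/null || echo 0)
    # Assumption: Ubuntu exposes "Ubuntu 2.6.28-15.49-generic ..." in this file.
    ver=$(cut -d' ' -f2 /proc/version_signature 2>/dev/null || uname -r)
    echo "mmap_min_addr=$addr kernel=$ver status=$(assess "$addr" "$ver")"
}

report_host
```

A `mitigated` result means only that the setting the advisory cites is non-zero; the running kernel is still older than the fixed build.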