[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] [Fwd: Kernel Security]
- Subject: [ale] [Fwd: Kernel Security]
- From: krum at smyrnacable.net (Kevin Krumwiede)
- Date: 28 Mar 2002 06:51:36 -0500
The exploit scenario described for this bug sounds unlikely, but it's
still something to be aware of I guess.
From: Michael LERCH <Michael.Lerch at ch.dhl.com>
To: ale at ale.org
To: lfs-security at linuxfromscratch.org
Subject: Kernel Security
Date: 28 Mar 2002 12:06:54 +0100
I think this may interest some people :
There is a vulnerability in the kernel, version: up to 2.2.20 and
In case of excessively long path names d_path kernel internal
returns truncated trailing components of a path name instead of
value. As this function is called by getcwd(2) system call and
do_proc_readlink() function, false information may be returned to
For more information :
I had a quick glance, at http://www.kernel.org no patch seems to be
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.