Kernel Econet root exploit

admin December 8, 2010 5 Gentoo

The Gentoo Kernel Team (thanks, asn!) have released 3 patched kernels that cover the Econet root exploit described at: http://lwn.net/Articles/419141/

This covers (CVE-2010-3850), (CVE-2010-3849) and (CVE-2010-4258).

The following gentoo-sources contain the fixes: gentoo-sources-2.6.36-r4, gentoo-sources-2.6.35-r14 and gentoo-sources-2.6.32-r23.

Edit: 2.6.36-r4, not r6, which does not exist, yet.

5 Comments

Stjujsckij Nickolaj December 9, 2010 at 3:25 am

> The following gentoo-sources contain the fixes: gentoo-sources-2.6.36-r6

According to sys-kernel/gentoo-sources/ChangeLog, -r4 fixes it. WHere’s the truth?

Anway, thanks for fix!
Kacper Kowalik December 9, 2010 at 4:23 am

Judging by the ChangeLog you meant gentoo-sources-2.6.36-r4 (not -r6) 🙂
admin (Post author)December 9, 2010 at 6:39 am

Whoops!
Evrsr December 10, 2010 at 6:59 am

Hi,

Could you please merge these warnings in GLSA? I usually keep check for the other packages but the kernel seems to be always left out.

Best regards
Fab December 10, 2010 at 7:01 am

No fix for 2.6.34 ?
I tested the proof-of-concept on my 2.6.34-r12 and result is :

$ ./full-nelson
[*] Failed to open file descriptors.

Maybe the privilege escalation is dependent on the kernel configuration…
Do I really need to upgrade to 2.6.35 ?

Kernel Econet root exploit

5 Comments

Leave a Comment