[grsec] 2.6.11 patch on server updated to fix recently discovered epoll vulnerability

Brad Spengler spender at grsecurity.net
Wed Mar 9 12:05:45 EST 2005


I've updated the 2.6.11 patch on the server to fix the epoll 
vulnerability discovered by Georgi Guninski.  Since an exploit is
already circulating for the vulnerability (and has existed for some time 
in private), 2.6.11 users are strongly urged to upgrade.  If you only 
want to patch the specific file involved, the patch at:
http://kernel.org/pub/linux/kernel/v2.6/patch-2.6.11.2.gz
will apply cleanly (minus the Makefile reject)
Again, we recommend that unless it is necessary for you to use 2.6, 
stick with the stable 2.4 tree as it contains less experimental (and 
ultimately buggy, and exploitable) code.

-Brad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20050309/917416a7/attachment.pgp


More information about the grsecurity mailing list