|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2013-05-15 14:05:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
Local root vulnerability in the kernel
Commit
b0a873ebb, merged for the 2.6.37 kernel, included an out of bounds
reference bug that went undetected until Tommi Rantala discovered it
with the Trinity fuzzing tool this April. It wasn't seen as a security bug by the kernel
developers until an
exploit was posted; the problem is now known as CVE-2013-2094.
Mainline kernels 2.6.37-3.9 are vulnerable, but Red Hat also backported the
bug into the 2.6.32-based kernel found in RHEL6. Expect distributor
updates shortly.
Commit
b0a873ebb, merged for the 2.6.37 kernel, included an out of bounds
reference bug that went undetected until Tommi Rantala discovered it
with the Trinity fuzzing tool this April. It wasn't seen as a security bug by the kernel
developers until an
exploit was posted; the problem is now known as CVE-2013-2094.
Mainline kernels 2.6.37-3.9 are vulnerable, but Red Hat also backported the
bug into the 2.6.32-based kernel found in RHEL6. Expect distributor
updates shortly.
