[Users] New kernel vuln...
Michael H. Warfield
mhw at WittsEnd.com
Mon Aug 17 09:49:21 EDT 2009
OpenVZ Kernel jockies...
Anyone like to comment on if they think this could be exploited from a
guest VM to execute code on the host node? This seems pretty serious
and exploits are in the wild.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692
http://www.securityfocus.com/archive/1/archive/1/505751/100/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
Patches are starting to work their way into the distros:
http://lists.debian.org/debian-security-announce/2009/msg00179.html
http://lists.debian.org/debian-security-announce/2009/msg00181.html
I assume we'll need patched kernels quickly.
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://openvz.org/pipermail/users/attachments/20090817/5eb5462b/attachment.bin
More information about the Users
mailing list