from the get-yer-patch-on dept.
B1oodAnge1 writes "Proof of concept code was released last week that exploits a vulnerability in both the 64 and 32 bit versions of the 2.6.30 and 2.6.18 Linux kernel to gain root access. Apparently this affects Red Hat Enterprise Edition 5, which uses the 2.6.18 kernel.
From the source code: A vulnerability which, when viewed at the source level, is unexploitable!
But which, thanks to gcc optimizations, becomes exploitable :)
Also, bypass of mmap_min_addr via SELinux vulnerability!
(where having SELinux enabled actually increases your risk against a
large class of kernel vulnerabilities)'"
e-credibility: the non-guaranteeable likelihood that the electronic data
you're seeing is genuine rather than somebody's made-up crap.
- Karl Lehenbauer