Trustix Security Advisory #2001-0003 – kernel
- -------------------------------------------------------------------------- Trustix Secure Linux Security Advisory #2001-0003 Package name: kernel Severity: Local root exploit Date: 2001-04-05 Affected versions: TSL 1.01, 1.1, 1.2 - -------------------------------------------------------------------------- Problem description: Some time ago, a vulnerability was discovered that allowed for root access through ptrace call in the linux kernel. This was originally considered fixed in a previous patch, but as it turns out, it wasn't. This is fixed in kernel version 2.2.19. Action: We recommend all systems which has this package installed to be upgraded. Please see the Kernel Upgrade Howto, available from <URL:http://www.trustix.net/doc/kernel-upgrade/kernel-upgrade.html> for more information on how to upgrade your TSL kernel. Location: All TSL updates are available from <URL:http://www.trustix.net/pub/Trustix/updates/> <URL:ftp://ftp.trustix.net/pub/Trustix/updates/> Users of the SWUP tool, can enjoy having the security updates automatically installed using 'swup --upgrade'. Get SWUP from: ftp://ftp.trustix.net/pub/Trustix/software/swup/ Note that you may not want to use SWUP to do unattended kernel upgrades, and it does not do so by default. Questions? Check out our mailinglists: http://www.trustix.net/support/ Verification: This advisory is signed with the TSL sign key. It is available from: http://www.trustix.net/TSL-GPG-KEY Trustix Security Team -- Trustix Secure Linux Advisor Homepage: http://www.trustix.net/ Errata: http://www.trustix.net/errata/ Automatic updates: http://www.trustix.net/pub/Trustix/software/swup/