=== asac_ is now known as asac | ||
=== imbrandon_ is now known as imbrandon | ||
bullgard4 | What is the function of kacpid? It seems not to be documented in the kernel documentation. | 07:39 |
---|---|---|
mjg59 | It's the kernel thread that handles acpi events | 08:56 |
=== \sh_away is now known as \sh | ||
bullgard4 | mjg59: Thank xou very much for informing. | 11:59 |
=== \sh is now known as \sh_away | ||
tjaalton | the vmsplice-exploit is for 2.6.17-2.6.24, and verified working on 7.10 | 12:09 |
tjaalton | http://blog.bofh.it/id_131 | 12:11 |
tjaalton | that's a workaround for now | 12:11 |
h3b | tach zusammen | 12:15 |
bigon | I suppose that everybody is aware of http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953 ? | 13:33 |
ubotu | Debian bug 464953 in linux-2.6 "linux-2.6: mmap() local root exploit" [Critical,Open] | 13:33 |
fijam | hello, terribly sorry to bother you but is there any eta on fix for http://bugzilla.kernel.org/show_bug.cgi?id=9924 ? | 18:42 |
ubotu | bugzilla.kernel.org bug 9924 in Other "Two vmsplice local root exploits" [High,New] | 18:42 |
kraut | moin | 19:43 |
=== Traxer is now known as Traxer|on | ||
=== Traxer|on is now known as Traxer | ||
kraut | http://it.slashdot.org/it/08/02/10/2011257.shtml | 22:02 |
laga | wow. slashdot is really quick on the uptake | 22:04 |
kraut | that sounds so ironic ;) | 22:04 |
kraut | hi laga btw. | 22:04 |
laga | it was sarcasm, actually :) | 22:04 |
laga | hi kraut | 22:04 |
kraut | <Md> kraut: if you have a 32 bit system and you cannot reboot it, you can load this module to block both exploits: http://www.linux.it/~md/software/novmsplice.tgz | 22:05 |
laga | http://it.slashdot.org/comments.pl?sid=448542&cid=22372790 | 22:05 |
laga | there's an exploit which blocks the exploit :) | 22:06 |
kraut | lol | 22:07 |
laga | i've just read the comments on slashdot | 22:08 |
* laga removes eyes from head with a spoon | 22:08 | |
cbx33 | hey guys | 22:45 |
ivoks | hi | 22:46 |
cbx33 | any eta for the local root exploit bug fix? | 22:46 |
ivoks | i'm building unofficial kernel packages for 7.10 | 22:46 |
cbx33 | i'm really interested in official stuff | 22:47 |
cbx33 | do you have the fix documented? | 22:47 |
ivoks | http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=712a30e63c8066ed84385b12edbfb804f49cbc44 | 22:47 |
cbx33 | is that it | 22:49 |
ivoks | sad, isn't it? :) | 22:49 |
cbx33 | yes | 22:50 |
cbx33 | very | 22:50 |
cbx33 | what a bad rep we'll get | 22:50 |
cbx33 | ;) | 22:50 |
ivoks | ah, mistakes happen | 22:50 |
cbx33 | indeed | 22:50 |
ivoks | at least we have a fix | 22:50 |
cbx33 | ivoks have you tried the workaround script? | 22:51 |
cbx33 | the one that adds the RET to the vmsplice memory location? | 22:51 |
ivoks | no | 22:51 |
cbx33 | oh | 22:51 |
cbx33 | ko | 22:51 |
ivoks | you have a link? | 22:51 |
cbx33 | yes | 22:51 |
cbx33 | http://www.ping.uio.no/~mortehu/disable-vmsplice-if-exploitable.c | 22:52 |
cbx33 | see if it seems reasonable | 22:52 |
crimsun | ivoks: from backscroll, didn't you say it doesn't affect gutsy/i386? | 22:52 |
ivoks | crimsun: yeah, i did | 22:52 |
ivoks | this is new exploit | 22:52 |
ivoks | and this one works | 22:52 |
crimsun | oh, 3 not 2. | 22:52 |
ivoks | right, 3 doesn't work on gutsy | 22:53 |
crimsun | thank goodness I'm still running 2.2.26! | 22:53 |
cbx33 | 3? | 22:53 |
cbx33 | 2? | 22:53 |
ivoks | http://www.milw0rm.com/exploits/5092 | 22:54 |
ivoks | http://www.milw0rm.com/exploits/5093 | 22:54 |
cbx33 | oh dear | 22:54 |
cbx33 | is the fix the same for both? | 22:54 |
ivoks | i do hope so... :) | 22:55 |
cbx33 | can't wait till the official fix is released | 22:55 |
ivoks | i have only one problematic server... | 22:55 |
cbx33 | me too | 22:55 |
ivoks | all others are 6.06 | 22:55 |
ivoks | or don't have users at all | 22:55 |
cbx33 | no users at all? | 22:55 |
cbx33 | or no users apart from ones you know | 22:56 |
ivoks | except me | 22:56 |
cbx33 | ;) | 22:56 |
cbx33 | yeh that's what mine are like | 22:56 |
cbx33 | but i still want them patched ;) | 22:56 |
ivoks | of course... | 22:56 |
cbx33 | maybe I'll recompile kernel | 22:56 |
cbx33 | give me something to do | 22:56 |
cbx33 | what's the official docs on kernel com/recompiling | 22:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!