On Mon, 13 Dec 2004 19:07:31 +0100, Moritz Muehlenhoff wrote: [...] > > It seems as if the local DoS in the a.out loader (only exploitable when > VM memory overcommitment is turned on) is still unfixed in kernel-source- > 2.6.8: > The changelog for 2.6.8-9 mentions another unrelated elf/a.out vulnarability, > but I can't find the proposed patch by Chris Wright in the diff.gz, so maybe > this has slipped through until now or fixed in a different way, I don't know: > http://marc.theaimsgroup.com/?l=linux-kernel&m=110023019006886&w=2 > > Cheers, > Moritz
Thanks for pointing that out, I committed the fix (plus http://linux.bkbits.net:8080/linux-2.6/[EMAIL PROTECTED] ) to SVN. It will be fixed in the next release (once we get this symbol crap sorted out).
