|
DESCRIPTION A vulnerability in the linux kernel function mremap() has been found. This vulnerability could be exploited by a local attacker to gain root privileges on a system where they already have a user account. This bug has been fixed in the mainline 2.4.24 kernel; the fix has been backported to 2.4.19 for NetWinder since the later kernels are not yet fully stable on ARM platform. SOLUTION Download the following RPM packages to the NetWinder into a temporary
directory, then install them with the command "rpm -Uvh *.rpm". Be sure
there are no other files ending in ".rpm" in the temporary directory. See
http://www.netwinder.org/security/install.html for more help. Required packages http://www.netwinder.org/mirror/pub/netwinder/updates/nw-9/armv4l/kernel-2.4.19-10.armv4l.rpm Optional packages http://www.netwinder.org/mirror/pub/netwinder/updates/nw-9/SRPMS/kernel-2.4.19-10.src.rpm REFERENCES http://www.debian.org/security/2004/dsa-417 |