From: Mike Tierney (miket_at_marketview.co.nz)
Date: Thu 12 May 2005 - 22:55:57 BST
> From: vserver-bounces_at_list.linux-vserver.org [mailto:vserver-
> bounces_at_list.linux-vserver.org] On Behalf Of Oliver Welter
> Hello Herbert,
> >>serious problem:
> >>I read about the new BufferOverflow in the kernel's ELF Loader - it
> >>seems that an unprivileged attacker can start process in the kernels
> > details?
> > - which issue?
> > - what kernels are affected?
> > - how does the 'exploit' look like?
> I reffered to the Announce on heise
> (http://www.heise.de/newsticker/meldung/59498) - I did not any
> additional research as I dont have much knowldeg about kernel but this
> one here sounds serioius as it might allow loading a compromised
> kernel-space programm by simply running an infected binary....
This has been fixed in kernel release 184.108.40.206 according to
Vserver mailing list