Bug 23914

Какой именно фикс предлагается использовать?
320b2b8de12698082609ebbc1a17165727f4c893 сочли достаточным или нет?

----- Forwarded message from Greg KH -----

> >You need more than just that one patch to solve all of the issues here.
> >The latest round of stable kernel releases have all of the needed
> >patches, with the exception of the .27-stable kernel, that one is still
> >out for review for more testing.
> 
> Greg, did I miss out any?
> 
> http://git.kernel.org/linus/320b2b8de12698082609ebbc1a17165727f4c893
> http://git.kernel.org/linus/5528f9132cf65d4d892bcbc5684c61e7822b21e9
> http://git.kernel.org/linus/96054569190bdec375fe824e48ca1f4e3b53dd36
> http://git.kernel.org/linus/11ac552477e32835cb6970bf0a70c210807f5673
> http://git.kernel.org/linus/d7824370e26325c881b665350ce64fb0a4fde24a

No, I think that's it.

But watch out if you have kernels older than 2.6.28, the above patches
don't apply there properly.  I have released a 2.6.27.52-rc3 with them
reworked, but I don't really feel comfortable with it at the moment, so
any help and testing would be greatly appreciated.

----- End forwarded message -----

(В ответ на комментарий №2)
> But watch out if you have kernels older than 2.6.28, the above patches
> don't apply there properly.  I have released a 2.6.27.52-rc3 with them
> reworked, but I don't really feel comfortable with it at the moment, so
> any help and testing would be greatly appreciated.
Думаю дождаться 2.6.27.52, атака на терминал чревата максимум доступом в локальную сеть с правами root (и к примонтированным флэшкам-сидюшкам).

Если получится раньше, попробую прикрутить SUSE'шный патч, хотя что-то подсказывает, что быстрее выйдет 2.6.27.y.

Спасибо!

Дождался.

kernel-image-tmc-tc-2.6.27-alt10 -> sisyphus:

* Sat Aug 21 2010 Michael Shigorin <mike@altlinux> 2.6.27-alt10
- 2.6.27.52: fixes local root vulnerability CVE-2010-2240
  (kernel: mm: keep a guard page below a grow-down stack segment)
  + thanks ldv@ for convenient support (closes: #23914)