Author: JT Smith
Net-security.org has this item: “Three security holes have been fixed in the kernel. One involves ptrace, another
involves sysctl, and the last is specific to some Intel CPUs. All three security
holes involve local access only (they do not provide a hole to remote attackers
without a local
account). The ptrace and sysctl bugs provide local users with the potential to
compromise the root account. Neither has an active exploit available at the time
of this writing. The last security hole is a DOS (Denial Of Service) that does
not provide access to the root account but does allow any user with shell access
the ability to halt the CPU.”
involves sysctl, and the last is specific to some Intel CPUs. All three security
holes involve local access only (they do not provide a hole to remote attackers
without a local
account). The ptrace and sysctl bugs provide local users with the potential to
compromise the root account. Neither has an active exploit available at the time
of this writing. The last security hole is a DOS (Denial Of Service) that does
not provide access to the root account but does allow any user with shell access
the ability to halt the CPU.”
