Hi, Yes, we know and the fix is pretty much ready to go. It isn't a priv escalation anyway, its memory corruption most likely leading to an oops. Steve. On Fri, 2010-04-30 at 15:59 +0000, yvette hirth wrote: > i just saw this on a SANS security vulnerability alert. is everyone > aware of this? > > 10.18.18 CVE: Not Available > Platform: Linux > Title: Linux Kernel "gfs2_quota" Structure Write Local Privilege > Escalation > Description: The Linux kernel is exposed to a local > privilege escalation issue affecting the "gfs2" file system. > Specifically, when a "gfs2_quota" structure straddles a page boundary, > updates to the structure are not correctly written to disk. This can > result in a buffer overflow condition which may lead to memory > corruption. > Ref: http://www.securityfocus.com/bid/39715 > > fyi > yvette hirth > > -- > Linux-cluster mailing list > Linux-cluster@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/linux-cluster -- Linux-cluster mailing list Linux-cluster@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/linux-cluster
