WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-users

[Top] [All Lists]

Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?

from [Luke S Crawford]

[Permanent Link][Original]

To:	deshantm@xxxxxxxxx
Subject:	Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?
From:	Luke S Crawford <lsc@xxxxxxxxx>
Date:	28 Sep 2010 13:44:17 -0400
Cc:	xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date:	Tue, 28 Sep 2010 10:45:52 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<AANLkTikzZL_Dvas2FL+DBXFk8v1bjS+J_PLFOugNdYwh@xxxxxxxxxxxxxx>
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<m3zkv2xbto.fsf@xxxxxxxxxxxxxxxxxx> <AANLkTikzZL_Dvas2FL+DBXFk8v1bjS+J_PLFOugNdYwh@xxxxxxxxxxxxxx>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Gnus/5.09 (Gnus v5.9.0) Emacs/21.4

Todd Deshane <deshantm@xxxxxxxxx> writes:

> On Tue, Sep 28, 2010 at 9:00 AM, Luke S Crawford <lsc@xxxxxxxxx> wrote:
> >
> >
> > there's lots of talk of the Ac1db1tch3z exploit.   has this been pached
> > in the xen.org dom0 kernels?  the xcp kernels?   I've been using the
> > /proc/sys/fs/binfmt_misc/register  workaround but it'd be better to properly
> > upgrade everything.
> >
> 
> A recent root exploit is mentioned here:
> http://xen.markmail.org/search/?q=%22xen+and+dom0+kernel+builds%22#query:%22xen%20and%20dom0%20kernel%20builds%22+page:1+mid:5tx6app7okp67cdi+state:results


That's the exploit I'm talking about, but that message is about myoung's 
fc12 build... as far as I can read it doesn't mention the 2.6.32.x pvops
kernel or the 2.6.18.8-xen hg tree.  

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?, Luke S Crawford Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?, Todd Deshane Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?, Luke S Crawford <= Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?, Matthew Law

Previous by Date:	Re: [Xen-users] PV domU loses connectivity on xen 4, Boris Derzhavets
Next by Date:	Re: [Xen-users] PV domU loses connectivity on xen 4, Dmitry Nedospasov
Previous by Thread:	Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?, Todd Deshane
Next by Thread:	Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?, Matthew Law
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix