Re: Patch for CVE-2004-1334 ???

[Syed Ahemed <kingkhan@gmail.com>]

Hi Willy.
Thanks a lot for the initiative , This is the brief list of
vulnerabilities i am concerned/aware about right now.Will keep looking
for patches in the days to come.
 Please feel free to ask for more help , I am ready to volunteer for
the cause of
making the open source kernel secure .

PS : Let me know the approach to get subsequent updates from you ?

1]http://www.openwall.com/linux/

 A] CAN-2004-1235
  Linux 2.4.29-ow1 is out. Linux 2.4.29, and thus 2.4.29-ow1, adds a
number of security fixes,   including to the x86/SMP page fault
handler (CAN-2005-0001) and the uselib(2)  (CAN-2004-1235) race
conditions, both discovered by Paul Starzetz. The potential of these 
bugs is a local root compromise. The uselib(2) bug does not affect
default builds of Linux kernels with the Openwall patch applied since
the vulnerable code is only compiled in if one explicitly enables
CONFIG_BINFMT_ELF_AOUT, an option introduced by the patch.


2] Same as above [CAN-2004-12345 but just fixes the uselib
vulnerabilty , I dont know again which one to pick

http://kerneltrap.org/node/4503
Marcelo Tosatti [interview] released the 2.4.29-rc1 Linux kernel with
"a SATA update [and a] bunch of network driver updates". He went on to
note, "more importantly it fixes a sys_uselib() vulnerability
discovered by Paul Starzetz". He adds, "[upgrading] is recommended for
users of v2.4.x mainline, distros should be releasing their updates
real soon now." The vulnerability allows local users to gain root
privileges:



3]  CAN-2004-1334
http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html

http://linux.bkbits.net:8080/linux-2.4/cset@41b76e94BsJKm8jhVtyDat9ZM1dXXg
http://linux.bkbits.net:8080/linux-2.4/cset@41b766beodCDEFPbjDRLoUUUxw4Z6w
http://linux.bkbits.net:8080/linux-2.4/cset@41b77314ZtyUzWzZFzaCRGoQc6hKcw
http://linux.bkbits.net:8080/linux-2.4/cset@41c01f2bHFmPwBYQmce6Aw0owIyqkg



4] CAN-2004-1016

https://lwn.net/Articles/115726/



Thanks
King Khan

On 1/26/06, Willy Tarreau <willy@w.ods.org> wrote:
> On Wed, Jan 25, 2006 at 02:26:51PM +0530, Syed Ahemed wrote:
> > The simple reason we do not intend to use the latest version is we run
> > some third party software which cant be front ported (pardon the slang
> > ) to 2.4.29 and above.
> > As for the changeset by  guninski , i wish to ask about a one point
> > source of applying all the patches for 2.4.28 .I mean shouldn't all
> > the kernel security patches ( atleast the ones that have become CVE's)
> > be a part of kernel.org .Since there isn't any what is the reason ?
>
> It's even more work for the person doing it. Maintaining the hotfixes
> from 2.4.29 already takes me some time (not much more for 4 versions
> than for one, what takes the most time is merging the patches, compiling
> and releasing).
>
> > I dont want to go to Gentoo for one patch , red hat for another
> > ....and GOD knows how many sites .
> > Torvalds is the GOD of open source , but am i asking for too much :-)
>
> I can propose a deal to you. You send me a pointer to the patches that
> need to be applied to 2.4.28 to make it as secure as 2.4.29, and I can
> include 2.4.28 in my hotfix tree, so that you'll get regular updates
> for free. I already have what is needed starting from 2.4.29, you just
> have to point the 2.4.28-specific patches. It would time consuming for
> me to review them all, but if someone like you has some interest in it,
> it should be a win-win for both of us.
>
> Simply send me the bkbits.net URLs, I should be able to do the rest.
>
> Regards,
> Willy
>
>