On Thu, 17 Jun 2004 13:28:59 +0200, Manuel Bouyer said: > On Tue, Jun 15, 2004 at 08:42:23AM +0200, Radko Keves wrote: > > [...] > > > > AFFECTED DISTRIBUTIONS: > > FreeBSD 5.x i386 > > FreeBSD, OpenBSD, NetBSD is most likely also affected (investigation needed) > > NetBSD is not, a LKM can't be loaded if securelevel is > 0. Note *very* carefully the fact that the statement "you can't load a LKM" is not totally identical to "you can't cause an LKM to be in the kernel". Hunt down the Phrack article on loading an LKM into a Linux kernel *that doesn't even have module support*, and ask yourself if you're quite as sure that there is *zero* vulnerability there....
Attachment:
pgpf6hbd6misT.pgp
Description: PGP signature