The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible. This advisory only covers kernel packages for the S/390 architecture. Other architectures will be covered by separate advisories. For the stable distribution (woody) this problem has been fixed in the following versions: kernel-patch-2.4.17-s390: version 0.0.20020816-0.woody.1.1 kernel-image-2.4.17-s390: version 2.4.17-2.woody.2.2 The old stable distribution (potato) is not affected by this problem for this architecture since s390 was first released with Debian GNU/Linux 3.0 (woody). For the unstable distribution (sid) this problem will be fixed soon. We recommend that you upgrade your kernel-images packages immediately.
The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible.
This advisory only covers kernel packages for the S/390 architecture. Other architectures will be covered by separate advisories.
For the stable distribution (woody) this problem has been fixed in the following versions:
The old stable distribution (potato) is not affected by this problem for this architecture since s390 was first released with Debian GNU/Linux 3.0 (woody).
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your kernel-images packages immediately.
MD5 checksums of the listed files are available in the original advisory.
Vulmon