[CLUE-Tech] redhat 7.3 kernel upgrad
David Anselmi
anselmi at americanisp.net
Tue Oct 22 16:24:16 MDT 2002
Friedman, Jason wrote:
>>From http://rhn.redhat.com/errata/RHSA-2002-206.html:
>
> "A security code audit of the 2.4 kernel found a number of possible
> local security vulnerabilities which could allow a local user to obtain
> elevated (root) privileges. The vulnerabilities were found in the ixj
> telephony card driver, the pcilynx firewire driver, and the bttv video
> capture card driver."
>
> Am I still vulnerable if I do not use any of those drivers?
Probably not. As long as they aren't compiled into the kernel and the
modules aren't already loaded you should be ok. If they are loaded,
even without the appropriate hardware, it may be possible to exploit the
hole. I don't see anything specific about the hole, so it's hard to tell.
Dave
More information about the clue-tech
mailing list