Page 2 of 3
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 22. May 2013, 13:51
by GJones
True. I also forgot about that, as I'm fortunate enough to be using an old laptop that doesn't need proprietary drivers.
Methinks I will post a guide to compiling custom kernels for 13.37.
Edit: N/M there are probably a million guides for doing so on the internet.
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 22. May 2013, 14:17
by gapan
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 22. May 2013, 14:21
by ruario
As you have probably all realised by now Pat did indeed provide updated kernels (
this is the announcement):
Slackware 13.37 - 2.6.37.6-3,
Slackware64 13.37 - 2.6.37.6-3,
Slackware 14.0 - 3.2.45 and
Slackware64-14.0 - 3.2.45. Be aware however that some people with certain Intel hardware have had
problems with the 3.2.45 kernel on Slackware 14.
Towards the end of the thread
Ponce provides a 3.2.45 kernel with the problematic patch removed. Your other options are skip the upgrade or do what I did and take the 3.8.13 kernel from -current.
EDIT: Or as suggested above, compile your own.
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 22. May 2013, 14:35
by gapan
For people with intel graphics card that go black after an upgrade, adding this to the lilo entry for the kernel should help:
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 22. May 2013, 15:01
by ruario
Thanks gapan. I was not aware of that option. Though in my case the problem was not a black screen on boot but rather
X freezing shortly after it started.
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 22. May 2013, 16:38
by mimosa
Should there be a space after the first "? Or doesn't it matter?
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 22. May 2013, 19:03
by gapan
mimosa wrote:Should there be a space after the first "? Or doesn't it matter?
I'm not really sure. I always add it out of habit.
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 22. May 2013, 19:45
by ruario
Pat has updated the 14.0 3.2.45 packages. Reports are that they work for those having issues before. I must admit I have not tried yet. The kernel from current is working nicely for me so I will probably stick with it.
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 1. Jun 2013, 13:38
by zazlox
thanks gapan for yur answer . the update fix the issue . no matter what we'll never be safe . bad people everywhere
.
Re: CVE 2013-1763 - Linux Kernel local root exploit
Posted: 1. Jun 2013, 17:12
by laprjns
I upgraded to the new kernel on my Dell laptop with these specs:
Code: Select all
root[rich]# inxi -C -G
CPU: Dual core Intel Core i3-2330M CPU (-HT-MCP-) cache: 3072 KB flags: (lm nx sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx)
Clock Speeds: 1: 800.00 MHz 2: 800.00 MHz 3: 800.00 MHz 4: 800.00 MHz
Graphics: Card: Intel 2nd Generation Core Processor Family Integrated Graphics Controller
X.org: 1.12.4 drivers: intel (unloaded: vesa) tty size: 133x38 Advanced Data: N/A for root
It booted into x and the desktop ok, but then completely locked up. I could move the mouse pointer, but no response to clicks or keyboard entries. I reverted back to the old kernel.