Author Topic: securitytopic!!!(SOLVED!)  (Read 1949 times)

Offline molen

  • Newly Subscribed
  • *
  • Posts: 23
  • Karma: 1
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
securitytopic!!!(SOLVED!)
« on: May 29, 2014, 06:55:58 am »
What can you do with this securitytopic:
----- BEGIN PGP SIGNED MESSAGE -----
Hash: SHA256

   # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
  NCSC ~ # # # # SECURITY ADVICE
 # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

Title : Vulnerability in Linux Kernel found
Advisory ID : NCSC - 2014-0330
Version: 1.00
Probability : Medium
CVE ID : CVE - 2012-6647
                  ( http://cve.mitre.org/cve/ )
Damage: high
                  Denial of Service ( DoS )
Issue Date : 20140528
Application: Kernel
Version ( s ) : 3.5.1 and earlier
Platform ( s ) : Linux

resume
   Vulnerability in the Linux kernel , version 3.5.1 and earlier that could
   lead to a Denial - of-Service . There are currently no updates
   is made available.

consequences
   An attacker could exploit the vulnerability remotely to a
   Cause . Denial- of-Service

description
   There is a NULL pointer dereference vulnerability found in
   FUTEX_WAIT_REQUEUE_PI the operation . An attacker can
   vulnerability to remotely exploit a Denial -of -Service
   cause .
   The Linux kernel must be compiled with fast userspace
   mutexes ( CONFIG_FUTEX ) support.

possible Solutions
   There are currently no updates are made available for this vulnerability
   remedy. Once updates uitkomem , this advisory
   with an update .

indemnification Statement
   By using this security advisory , you agree to the
   following conditions. Despite the NCSC utmost
   Care has been taken in the compilation of this security advisory ,
   the NCSC can not guarantee the completeness , accuracy or
   ( continued ) timeliness of this security advisory . the information
   in this Security Advisory is intended as general
   information for professionals . The information in this
   Security Advisory No rights can be derived . the NCSC
   and the State shall not be liable for any damages resulting
   of the use or inability to use this
   security advisory , including damage due to the
   inaccuracy or incompleteness of the information in this
   security advisory . At this security advisory Dutch law
   applicable. All disputes related to and / or arising
   will be submitted to the exclusive in this security advisory
   competent court in The Hague. This choice also applies to the
   A judge in summary proceedings.


----- BEGIN PGP SIGNATURE -----
Version : Encryption Desktop 10.3.1 (Build 13100 )
Charset : utf -8

wlcDBQFThbZBxQmb4H7upc0RCCj0AP43MsslrZSvEfUFSpwBQm0prUOa3FAlaGQe
s81bbu/3wwD/dR3GsFt2hqXdNjh6DbCvYWDw rtFb3G + + fxvPATOZR4g =
= eS6R
----- END PGP SIGNATURE -----
« Last Edit: May 29, 2014, 11:39:08 pm by molen »

Offline kendall

  • Administrator
  • Member
  • *****
  • Posts: 656
  • Karma: 133
  • Co-Founder
    • View Profile
Re: securitytopic!!!
« Reply #1 on: May 29, 2014, 04:01:33 pm »
Basically as soon as a patch including the fix is available it will get merged into the mainline kernel and an update will be issued. From there distribution maintainers will download the new kernel, build it for their respective distributions, and make it available as an update through the standard update channels. What this means for end users is that an update will be available through their distribution's package manager as soon as the aforementioned steps have been completed.
Peppermint is powered by VPS.NET Cloud Servers.

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 26452
  • Karma: 65531
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
Re: securitytopic!!!
« Reply #2 on: May 29, 2014, 05:05:27 pm »
This vulnerability doesn't seem to apply to the 3.8 kernel series (as used in Peppermint 4)

See the list of affected kernels here:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6647
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline molen

  • Newly Subscribed
  • *
  • Posts: 23
  • Karma: 1
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
Re: securitytopic!!!(SOLVED!)
« Reply #3 on: May 29, 2014, 11:38:41 pm »
Thank you for clear answer. There are in this case of Peppermint 4 no problems. Otherwise there will follow a fast update!!