Re: [exim] [hs@schlittermann.de: Re: CVE-2017-1000369 | Exim…

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Heiko Schlittermann
日付:  
To: exim-users
題目: Re: [exim] [hs@schlittermann.de: Re: CVE-2017-1000369 | Exim 4.89+fixes]
Hi,


Cyborg <cyborg2@???> (Mi 21 Jun 2017 09:17:57 CEST):
> Am 21.06.2017 um 08:07 schrieb Heiko Schlittermann via Exim-users:
> > IF your distribution updated the packaged version of Exim 
> >    OR the underlying system

> >
> > THEN you're safe already and can stop reading.
> >
> >
>
> As the problem is not inside exim, but in the way, the os handles guard
> pages, the above assumption is WRONG!


Ok. Half wrong. If you have an updated packaged version of Exim, your
Exim can't be abused anymore as a vector. But other (suid?) programs
may.

> You need a patched kernel to be active. IF you are running a server, you
> NEED TO REBOOT your system with a new kernel.


So, to be really safe, you need an updated kernel, right.
(Which implies that you need to reboot after updating the kernel. (I
assume, that our audience knows about that :))

Thank you for pointing out that detail.

--
Heiko