Article Source Ubuntu Security Notices
August 18, 2009, 10:37 pm
August 18, 2009, 10:37 pm
Tavis Ormandy and Julien Tinnes discovered that Linux did not correctly initialize certain socket operation function pointers. A local attacker could exploit this to gain root privileges. By default, Ubuntu 8.04 and later with a non-zero /proc/sys/vm/mmap_min_addr setting were not vulnerable…