Marcelo Tosatti has released the final 2.4.24 stable Linux kernel unchanged from 2.4.24-rc1. The main reason for the release was a local vulnerability in mremap() syscall, that allows local users to gain root privileges.
It's recommended that all users upgrade their kernel.
The upgraded 2.4.24 kernel release is available from numerous kernel.org mirrors.
For more information on this newly identified vulnerability, please read the announcement.
From: Marcelo Tosatti [email blocked] To: linux-kernel Subject: linux-2.4.24 released Date: Mon, 5 Jan 2004 05:55:57 -0800 final: - 2.4.24-rc1 was released as 2.4.24 with no changes. Summary of changes from v2.4.23 to v2.4.24-rc1 ============================================ <bjorn.helgaas:[blocked]>: o Fix 2.4 EFI RTC oops <marcelo.tosatti:[blocked]>: o Andrea Arcangeli: malicious users of mremap() syscall can gain priviledges <marcelo:[blocked]>: o Harald Welte: Fix ipchains MASQUERADE oops o Change EXTRAVERSION to 2.4.24-rc1 <trini:[blocked]>: o /dev/rtc can leak parts of kernel memory to unpriviledged users Jean Tourrilhes: o IrDA kernel log buster