Local root exploit on openSUSE 10.2/10.3

Marcus Meissner from the SUSE security team sent the following to the opensuse-security-announce mailing list:

As you are undoubtly aware a new local root exploit has been discovered on the weekend and reported to a wide audience.

The CVE identifier is CVE-2008-0600.

The problem affects only kernels 2.6.17 and newer, so it affects only following products:

• openSUSE 10.2 (2.6.18.x kernel)
• openSUSE 10.3 (2.6.22.x kernel)

Updates are in preparation for openSUSE 10.2 and 10.3 and will hopefully be released Tuesday morning German time.