[Tfug] Entertaining Exploit

Jordan Aberle jordan.aberle at gmail.com
Wed Nov 4 12:56:25 MST 2009


http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/

http://www.pubbs.net/openbsd/200911/4582/

"Red Midnight and other readers brought to our attention a bug in most
deployed versions of
Linux<http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/>
that
could result in untrusted users getting root access. The bug was found by
Brad Spengler last month.
*"The null pointer dereference flaw was only fixed in the upcoming 2.6.32
release candidate of the Linux kernel, making virtually all production
versions in use at the moment vulnerable. While attacks can be prevented by
implementing a common feature known as mmap_min_addr, the RHEL
distribution... doesn't properly implement that protection... The... bug is
mitigated by default on most Linux distributions, thanks to their correct
implementation of the mmap_min_addr feature. ... [Spengler] said many other
Linux users are also vulnerable because they run older versions or are
forced to turn off [mmap_min_addr] to run certain types of applications."*The
register reprints a dialog from the OpenBSD-misc mailing
list<http://www.pubbs.net/openbsd/200911/4582/> in
which Theo De Raadt says, "For the record, this particular problem was
resolved in OpenBSD a while back, in 2008. We are not super proud of the
solution, but it is what seems best faced with a stupid Intel architectural
choice. However, it seems that everyone else is slowly coming around to the
same solution." - Slashdot
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tfug.org/pipermail/tfug_tfug.org/attachments/20091104/4a00d6a9/attachment-0002.html>


More information about the tfug mailing list