[Tfug] Linux bug discovered

John Kiniston tfug at lzrd.net
Tue Jun 15 19:02:57 MST 2004 

Yay another i386 platform exploit.

Can anyone recall the last time one of these kernel based exploits=20
affected arm, sparc , sparc64, mips or ppc ?

On Jun 15, 2004, at 9:14 AM, Angus Scott-Fleming wrote:

> Unconfirmed ... but the M$ folks will have a field day with this one=20=

> if it's
> true and exploited ... Text from the LinuxReview.org article says:
>
>   Using this exploit to crash Linux systems requires the
>   (ab)user to have shell access or other means of
>   uploading and running the program (like cgi-bin and FTP
>   access). The program works on any normal user account,
>   root access is not required.
>
> ------- Included Stuff Follows -------
> Linux bug discovered
>  Linus has fixed it
>  By Nick Farrell: Tuesday 15 June 2004, 09:51
>
>   A LINUX BUG has been discovered which allows a whole
>   system to be exploited by a simple C program.
>
>   On the site Linuxreviews.org the discoverer =D8yvind
>   S=E6ther, from Norway, said that using the exploit
>   requires the (ab)user to have shell access or other
>   means of uploading and running the program=97like cgi-bin
>   and FTP access. Then it is just a matter of running this
>   code which works on any normal user account.
>
>   Along with the code needed to use the exploit, S=E6ther
>   also posted several patches to 2.4 and 2.6 kernels that
>   will keep the exploit from crashing systems. The 2.4.xx
>   kernel patch can be found here. A patch for the 2.6
>   kernel can be found here.
>
>   The exploit works because the Linux kernels signal
>   handler isn't handling floating-point (FP) exceptions
>   correctly.
>
>   Linus Torvalds has admitted that there is a path into
>   the kernel where if there is a pending FP error, the
>   kernel will end up taking an FP exception, and it will
>   continue to take the FP exception forever. He reckons he
>   has fixed it and if he was not moving house he would
>   have released a 2.6.7 already.
>
> --------- Included Stuff Ends ---------
>
> Links to more details and fixes embedded in story at
> http://www.theinquirer.net/?article=3D16596
>
>
> _______________________________________________
> tfug mailing list
> tfug at tfug.org
> https://www.tfug.org/mailman/listinfo/tfug

More information about the tfug mailing list