1 |
On 10/02/2008, Mike Rellion <m.rellion@×××××.com> wrote: |
2 |
> With this latest root exploit getting a lot of attention will we get a |
3 |
> hardened patch for this soon? |
4 |
> |
5 |
> There is a runtime fix at: |
6 |
> http://www.ping.uio.no/~mortehu/disable-vmsplice-if-exploitable.c |
7 |
> but grsec sadly prevents the runtime fix from running for those of us |
8 |
> running it as it denies kmem writing. We could recompile without grsec to |
9 |
> apply this runtime patch but that is certainly a hack. |
10 |
|
11 |
I wasn't sure we needed a special patch? |
12 |
|
13 |
Every single box I've tried this exploit on ranging from |
14 |
hardened-sources-2.6.17 through to hardened-sources-2.6.23, its been |
15 |
nailed. Could just be my kernel configuration? |
16 |
-- |
17 |
gentoo-hardened@l.g.o mailing list |