Archives
Archives
| From: | pageexec@××××××××.hu | ||
|---|---|---|---|
| To: | gentoo-hardened@l.g.o | ||
| Subject: | Re: [gentoo-hardened] latest kernel exploit patch for vmsplice coming? | ||
| Date: | Sun, 10 Feb 2008 22:42:12 | ||
| Message-Id: | 47AF8BC1.23011.95A6202A@pageexec.freemail.hu | ||
| In Reply to: | Re: [gentoo-hardened] latest kernel exploit patch for vmsplice coming? by Alex Howells |
||
| 1 | On 10 Feb 2008 at 22:32, Alex Howells wrote: |
| 2 | |
| 3 | > I wasn't sure we needed a special patch? |
| 4 | |
| 5 | it's a kernel bug so it obviously needs a patch, a fix is in the linus |
| 6 | tree now, i guess it'll be backported quickly. |
| 7 | |
| 8 | > Every single box I've tried this exploit on ranging from |
| 9 | > hardened-sources-2.6.17 through to hardened-sources-2.6.23, its been |
| 10 | > nailed. Could just be my kernel configuration? |
| 11 | |
| 12 | UDEREF prevents exploitation for good, even KERNEXEC alone would |
| 13 | prevent the kind of code execution that this exploit relies on. |
| 14 | |
| 15 | -- |
| 16 | gentoo-hardened@l.g.o mailing list |
| Subject | Author |
|---|---|
| Re: [gentoo-hardened] latest kernel exploit patch for vmsplice coming? | Ned Ludd <solar@g.o> |
| Re: [gentoo-hardened] latest kernel exploit patch for vmsplice coming? | Natanael Copa <natanael.copa@×××××.com> |