| 1 |
Hi! |
| 2 |
|
| 3 |
On Tue, Feb 12, 2008 at 08:27:21AM +0100, Natanael Copa wrote: |
| 4 |
> Attatched is a slightly modified version of the exploit that should |
| 5 |
> compile for you. (uses sysconf(_SC_PAGE_SIZE) rather than PAGE_SIZE from |
| 6 |
> asm/page.h) |
| 7 |
|
| 8 |
Actually, such sort of mistakes in exploits exists just to prevent it |
| 9 |
compiling by people who unable to fix it, so it isn't really good idea to |
| 10 |
post fixed version in public maillist - at least you can send it using |
| 11 |
private email. |
| 12 |
|
| 13 |
Anyway, this exploit doesn't work as 'local root' on my |
| 14 |
'2.6.20-hardened-r10 SMP' - but looks like it leak some kernel memory on |
| 15 |
each execution, so running it in a `while :; do ...; done` will result in |
| 16 |
hang in about a minute, so it at least 'local DoS' exploit. |
| 17 |
|
| 18 |
Is there any plans to backport patch for this bug to .20 hardened kernel? |
| 19 |
I'm not upgraded yet to .23 kernel because of few issues with PaX |
| 20 |
mentioned in this maillist in last months... :( |
| 21 |
|
| 22 |
-- |
| 23 |
WBR, Alex. |
| 24 |
-- |
| 25 |
gentoo-hardened@l.g.o mailing list |
Archives