1 |
Hi! |
2 |
|
3 |
On Tue, Feb 12, 2008 at 08:27:21AM +0100, Natanael Copa wrote: |
4 |
> Attatched is a slightly modified version of the exploit that should |
5 |
> compile for you. (uses sysconf(_SC_PAGE_SIZE) rather than PAGE_SIZE from |
6 |
> asm/page.h) |
7 |
|
8 |
Actually, such sort of mistakes in exploits exists just to prevent it |
9 |
compiling by people who unable to fix it, so it isn't really good idea to |
10 |
post fixed version in public maillist - at least you can send it using |
11 |
private email. |
12 |
|
13 |
Anyway, this exploit doesn't work as 'local root' on my |
14 |
'2.6.20-hardened-r10 SMP' - but looks like it leak some kernel memory on |
15 |
each execution, so running it in a `while :; do ...; done` will result in |
16 |
hang in about a minute, so it at least 'local DoS' exploit. |
17 |
|
18 |
Is there any plans to backport patch for this bug to .20 hardened kernel? |
19 |
I'm not upgraded yet to .23 kernel because of few issues with PaX |
20 |
mentioned in this maillist in last months... :( |
21 |
|
22 |
-- |
23 |
WBR, Alex. |
24 |
-- |
25 |
gentoo-hardened@l.g.o mailing list |