On Tue, 2008-02-12 at 09:46 +0200, Alex Efros wrote:
> Hi!
>
> On Tue, Feb 12, 2008 at 08:27:21AM +0100, Natanael Copa wrote:
> > Attached is a slightly modified version of the exploit that should
> > compile for you. (uses sysconf(_SC_PAGE_SIZE) rather than PAGE_SIZE from
> > asm/page.h)
>
> Actually, such sorts of mistakes in exploits exist just to prevent it
> compiling by people who are unable to fix it,
|
you mean people like you?
it could also be that this code is very old as explained in the comment
in the header and used to work.
|
> so it isn't really a good idea to
> post a fixed version to a public mailing list - at least you can send it using
> private email.
|
how do I know that you are not a "bad" guy that is "not supposed" to be
able to compile it?
|
> Anyway, this exploit doesn't work as 'local root' on my
> '2.6.20-hardened-r10 SMP' - but it looks like it leaks some kernel memory on
> each execution, so running it in a `while :; do ...; done` will result in
> a hang in about a minute, so it is at least a 'local DoS' exploit.
>
> Are there any plans to backport the patch for this bug to the .20 hardened kernel?
> I haven't upgraded to the .23 kernel yet because of a few issues with PaX
> mentioned on this mailing list in the last months... :(
|
This one should apply or you can apply it manually.
|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=712a30e63c8066ed84385b12edbfb804f49cbc44
|
> --
> WBR, Alex.
|
--
gentoo-hardened@l.g.o mailing list