lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20101208142656.GC3976@suse.de>
Date: Wed, 8 Dec 2010 15:26:56 +0100
From: Marcus Meissner <meissner@...e.de>
To: Kai <kai@...nn.net>
Cc: "Cal Leeming [Simplicity Media Ltd]" <cal.leeming@...plicitymedialtd.co.uk>,
	full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: [Full-disclosure] Linux kernel exploit

On Wed, Dec 08, 2010 at 12:44:09AM +0300, Kai wrote:
> 
>  > Anyone tested this in sandbox yet?
> 
> 00:37 linups:../expl/kernel > cat /etc/*release*
> openSUSE 11.3 (i586)
> VERSION = 11.3
> 00:37 linups:../expl/kernel > uname -r
> 2.6.34.4-0.1-desktop
> 00:37 linups:../expl/kernel > gcc _2.6.37.local.c -o test
> 00:37 linups:../expl/kernel > ./test
> [*] Failed to open file descriptors.

openSUSE 11.2 and 11.3 do not have ECONET compiled,
openSUSE 11.1 has ECONET, but not the 0 ptr deref issue.

The CVE-2010-4258 problem is however in all openSUSEs.

Temporary workaround (for all distributions, not just openSUSE):
	echo 1 > /proc/sys/kernel/panic_on_oops
This will now panic the machine instead of making it exploitable.

Ciao, Marcus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ