lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <13E61BCA7787794E89BDF39B8DE40C024CD02D1F39@ioaexchange.ioactive.local>
Date: Thu, 23 Oct 2014 13:45:28 -0700
From: Alejandro Hernandez <alejandro.hernandez@...ctive.co.uk>
To: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>
Subject: OpenBSD <= 5.5 Local Kernel Panic

OpenBSD <= 5.5 (All architectures) is prone to a local DoS condition by triggering a kernel panic through a malformed ELF executable.

A patch has been released to address this issue. See "013 Reliability Fix" at: 
http://www.openbsd.org/errata55.html#013_kernexec

More details and PoC code: 
http://www.ioactive.com/pdfs/IOActive_Advisory_OpenBSD_5_5_Local_Kernel_Panic.pdf


Regards,

Alejandro Hernandez
Senior Security Consultant

IOActive, Ltd
Mobile: (+521) 55 2515 7446
http://www.ioactive.com
alejandro.hernandez@...ctive.co.uk
"Using our past to secure your future"
The Americas | EMEA | AsiaPac

Powered by blists - more mailing lists