| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: ml-daniel at lorch.cc (Daniel Lorch) Subject: Second critical mremap() bug found in all Linux kernels -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi I checked LKML and Marcelo seems to recommend upgrading to 2.4.25. This is currently not an option for me, as grsecurity-1.9.13- 2.4.24.patch won't properly apply against it. A friend (thanks, Eike Frost) then pointed me to the following URL (bkbits reposi- tory): http://linux.bkbits.net:8080/linux-2.4/diffs/mm/mremap.c@...?nav=index.html|ChangeSet@...|cset@...323 After applying this patch the PoC provided by Christophe Devine reports "kernel my not be vulnerable". This seems to have resolved the issue. Hope this helps others, too. $ uname -a Linux tsunami4 2.4.24-grsec #3 Thu Feb 19 01:00:39 CET 2004 i686 unknown $ ./a.out mmap: Cannot allocate memory created ~65531 VMAs now mremapping 0x3FFE9000 at 0x3FFE5000 kernel may not be vulnerable daniel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFANARrS2WJ/hBy2k8RAsDgAKDsgrKBcskZP9aZjsoAj8BmwIgDYACgtBxA xC9pqZXxm585HcC4aO0XEvw= =wKiN -----END PGP SIGNATURE-----
Powered by blists - more mailing lists