| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1159902785.2855.34.camel@goku.staff.locallan> Date: Tue, 03 Oct 2006 19:13:05 +0000 From: SHELLCODE Security Research <GoodFellas@...llcode.com.ar> To: undisclosed-recipients:; Subject: Registration Weakness in Linux Kernel's Binary formats Hello, The present document aims to demonstrate a design weakness found in the handling of simply linked lists used to register binary formats handled by Linux kernel, and affects all the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in kernel space that can be used by malicious users to create infection tools, for example rootkits. POC, details and proposed solution at: English version: http://www.shellcode.com.ar/docz/binfmt-en.pdf Spanish version: http://www.shellcode.com.ar/docz/binfmt-es.pdf regards, -- SHELLCODE Security Research TEAM GoodFellas@...llcode.com.ar http://www.shellcode.com.ar - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists