| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1df1788c0610031425p4f1ca206teb05590a91eb7659@mail.gmail.com> Date: Tue, 3 Oct 2006 18:25:07 -0300 From: "Bráulio Oliveira" <brauliobo@...il.com> To: linux-kernel@...r.kernel.org Subject: Fwd: Registration Weakness in Linux Kernel's Binary formats Just forwarding.... ---------- Forwarded message ---------- From: SHELLCODE Security Research <GoodFellas@...llcode.com.ar> Date: Oct 3, 2006 4:13 PM Subject: Registration Weakness in Linux Kernel's Binary formats To: undisclosed-recipients Hello, The present document aims to demonstrate a design weakness found in the handling of simply linked lists used to register binary formats handled by Linux kernel, and affects all the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in kernel space that can be used by malicious users to create infection tools, for example rootkits. POC, details and proposed solution at: English version: http://www.shellcode.com.ar/docz/binfmt-en.pdf Spanish version: http://www.shellcode.com.ar/docz/binfmt-es.pdf regards, -- SHELLCODE Security Research TEAM GoodFellas@...llcode.com.ar http://www.shellcode.com.ar - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists