Bugtraq mailing list archives
Re: major security bug in reiserfs (may affect SuSE Linux)
From: Gigi Sullivan <sullivan () SIKUREZZA ORG>
Date: Wed, 10 Jan 2001 21:28:59 +0100
Aiee :) Hello! On Wed, Jan 10, 2001 at 12:42:01AM +0100, Marc Lehmann wrote:
Since a kernel oops results (see below), this indicates a buffer overrun (the kernel jumps to address 78787878, which is "xxxx") inside the kernel,
AFAIK this won't indicate _always_ a buffer overrun in kernel land. Just think about dereferenced NULL pointer for example. [snip]
Unable to handle kernel paging request at virtual address 78787878 current->tss.cr3 = 0d074000, %cr3 = 0d074000 *pde = 00000000 Oops: 0002 CPU: 0 EIP: 0010:[<c013f875>] EFLAGS: 00010282 eax: 00000000 ebx: bfffe78c ecx: 00000000 edx: bfffe78c esi: ccbddd62 edi: 78787878 ebp: 00000300 esp: ccbddd3c ds: 0018 es: 0018 ss: 0018 Process bash (pid: 292, process nr: 54, stackpage=ccbdd000) Stack: c013f66a ccbddf6c cd100000 ccbddd62 0000030c c0136d49 00000700 00002013 00001000 7878030c 78787878 78787878 78787878 78787878 78787878 78787878 78787878 78787878 78787878 78787878 78787878 78787878 78787878 78787878 Call Trace: [<c013f66a>] [<c0136d49>] Code: 89 1f 8b 44 24 18 29 47 08 31 c0 5b 5e 5f 5d 81 c4 2c 01 00
Unfortunatly Oops messages aren't usefull if no decoded using ksymoops for example. That said, Oops shouldn't be good, so issues may be present. Try it out and let us know, please :)
-- -----==- | ----==-- _ | ---==---(_)__ __ ____ __ Marc Lehmann +-- --==---/ / _ \/ // /\ \/ / pcg () opengroup org |e| -=====/_/_//_/\_,_/ /_/\_\ XX11-RIPE --+ The choice of a GNU generation |
bye bye -- gg sullivan -- Lorenzo Cavallaro `Gigi Sullivan' <sullivan () sikurezza org> LibRNet Project Home Page: http://www.sikurezza.org/sullivan LibRNet Mailing List: librnet-subscribe () egroups com Until I loved, life had no beauty; I did not know I lived until I had loved. (Theodor Korner)
Current thread:
- major security bug in reiserfs (may affect SuSE Linux) Marc Lehmann (Jan 09)
- Re: [reiserfs-list] major security bug in reiserfs (may affect SuSE Linux) John Morrison (Jan 09)
- Re: [reiserfs-list] major security bug in reiserfs (may affect SuSE Linux) Chris Mason (Jan 09)
- Re: [reiserfs-list] major security bug in reiserfs (may affect SuSE Linux) Vladimir V. Saveliev (Jan 09)
- Re: major security bug in reiserfs (may affect SuSE Linux) Andreas Ferber (Jan 10)
- Re: major security bug in reiserfs (may affect SuSE Linux) Mark Glines (Jan 12)
- Re: major security bug in reiserfs (may affect SuSE Linux) Jack Coates (Jan 12)
- Re: major security bug in reiserfs (may affect SuSE Linux) Gigi Sullivan (Jan 10)
- Re: major security bug in reiserfs (may affect SuSE Linux) Christian Zuckschwerdt (Jan 10)
- Re: major security bug in reiserfs (may affect SuSE Linux) Ryan Russell (Jan 10)
- Re: major security bug in reiserfs (may affect SuSE Linux) Christian Zuckschwerdt (Jan 10)
- Re: major security bug in reiserfs (may affect SuSE Linux) Felix von Leitner (Jan 12)
- Re: major security bug in reiserfs (may affect SuSE Linux) Ryan Russell (Jan 10)
- <Possible follow-ups>
- Re: major security bug in reiserfs (may affect SuSE Linux) Marc Lehmann (Jan 10)
- Re: major security bug in reiserfs (may affect SuSE Linux) Ben Greenbaum (Jan 10)
- Re: major security bug in reiserfs (may affect SuSE Linux) Thomas Mangin (Jan 12)