Dailydave mailing list archives
Re: Remote kernel bug in SCTP?
From: Gabriel Campana <gabriel.campana () security-labs org>
Date: Mon, 16 Mar 2009 19:41:34 +0100
Actually, the slab allocator has been replaced by the slub, but in both cases exploitation remains the same. Thanks for pointing out the error. Regards, Gabriel Campana Fionnbharr a écrit :
The french article talks about slab exploitation with a nod to qobaiashi's paper but slub became the default allocator 2.6.22 (I think). The bug existed between "2.6.24-rc1 through 2.6.26.3". 2009/3/14 Nicolas RUFF <nruff () security-labs org>:Did everyone else already know about this bug? So you connect to an SCTP endpoint, then send a packet to overwrite arbitrary kernel data? That'd be cool.If you can read French (and I know some people in your team does ;), you will find more information about this bug here: http://esec.fr.sogeti.com/blog/index.php?2009/01/08/48-correction-silencieuse-d-une-vulnerabilite-dans-le-noyau-linux Regards, - Nicolas RUFF _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Remote kernel bug in SCTP? dave (Mar 13)
- Re: Remote kernel bug in SCTP? Nicolas RUFF (Mar 14)
- Re: Remote kernel bug in SCTP? Dragos Ruiu (Mar 14)
- Re: Remote kernel bug in SCTP? Fionnbharr (Mar 15)
- Re: Remote kernel bug in SCTP? Gabriel Campana (Mar 16)
- Re: Remote kernel bug in SCTP? Nicolas RUFF (Mar 16)
- Re: Remote kernel bug in SCTP? Nicolas RUFF (Mar 14)