Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Second critical mremap() bug found in all Linux kernels

From: Christophe Devine <devine () iie cnam fr>
Date: Wed, 18 Feb 2004 16:59:15 +0100
Paul Starzetz <ihaquer () isec pl> wrote:


This PoC exploit can be used to check if a Linux system is vulnerable
to the second do_mremap() bug; the code has only been tested on Linux
version 2.4.22 so far



please do not post any exploit code(s) before a proper grace period.


Of course, I have no intention of releasing a local root exploit so early -
in fact I'm not even sure exactly how to exploit this bug in order to gain
elevated privileges. By the way, I'd like to apologize for not giving proper
credits to iSEC in the last two do_mremap() proof-of-concept exploit codes
I've posted on full-disclosure.

Christophe.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: