Full Disclosure mailing list archives
Registration Weakness in Linux Kernel's Binary formats
From: SHELLCODE Security Research <GoodFellas () shellcode com ar>
Date: Tue, 03 Oct 2006 18:32:08 +0000
Hello, The present document aims to demonstrate a design weakness found in the handling of simply linked lists used to register binary formats handled by Linux kernel, and affects all the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in kernel space that can be used by malicious users to create infection tools, for example rootkits. POC, details and proposed solution at: English version: http://www.shellcode.com.ar/docz/binfmt-en.pdf Spanish version: http://www.shellcode.com.ar/docz/binfmt-es.pdf regards, -- SHELLCODE Security Research TEAM GoodFellas () shellcode com ar http://www.shellcode.com.ar
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Registration Weakness in Linux Kernel's Binary formats SHELLCODE Security Research (Oct 03)