oss-sec mailing list archives
Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable
From: Marcus Meissner <meissner () suse de>
Date: Mon, 20 Jul 2009 12:01:47 +0200
On Fri, Jul 17, 2009 at 09:23:03AM +0200, yersinia wrote:
FYI, a Sprengler 0-day against Selinux null ptr dereference. Very Nice to see in action reference ( with youtube link ) http://grsecurity.net/~spender/cheddar_bay.tgz
Yeah. Some "minor" bugs and one larger one. The Linux folks have meanwhile: - Fixed the actual bug. ;) (CVE-2009-1897) Only affects 2.6.30,2.6.30.1. 2.6.30.2 release soon. - Added -fno-delete-null-pointers to their Makefiles Also in 2.6.30.2 and 2. - fixed the personality - PER_CLEAR_ON_SETTID inheritance issue (CVE-2009-1895) to work around mmap_min_addr protection. Affects 2.6.23-2.6.30.1 2.6.30.2 and 2.6.27.x releases soon. I am not sure about the SELinux policy error he used to exploit the RHEL 5.? Beta. Ciao, Marcus
Current thread:
- Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable yersinia (Jul 17)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Marcus Meissner (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Marcus Meissner (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Marcus Meissner (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Julien Tinnes (Jul 20)