oss-sec mailing list archives
Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable
From: Greg KH <greg () kroah com>
Date: Mon, 20 Jul 2009 07:44:32 -0700
On Mon, Jul 20, 2009 at 12:01:47PM +0200, Marcus Meissner wrote:
On Fri, Jul 17, 2009 at 09:23:03AM +0200, yersinia wrote:FYI, a Sprengler 0-day against Selinux null ptr dereference. Very Nice to see in action reference ( with youtube link ) http://grsecurity.net/~spender/cheddar_bay.tgzYeah. Some "minor" bugs and one larger one. The Linux folks have meanwhile: - Fixed the actual bug. ;) (CVE-2009-1897) Only affects 2.6.30,2.6.30.1. 2.6.30.2 release soon. - Added -fno-delete-null-pointers to their Makefiles Also in 2.6.30.2 and 2. - fixed the personality - PER_CLEAR_ON_SETTID inheritance issue (CVE-2009-1895) to work around mmap_min_addr protection. Affects 2.6.23-2.6.30.1 2.6.30.2 and 2.6.27.x releases soon.
2.6.30.2 and 2.6.27.27 releases happened about 8 hours ago. thanks, greg k-h
Current thread:
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable, (continued)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Marcus Meissner (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Solar Designer (Jul 20)
- Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Julien Tinnes (Jul 20)