OpenVZ Forum


Re: Kernel Exploit, affect OpenVZ? [message #27202 is a reply to message #27187] Tue, 12 February 2008 00:15
Valmont
Messages: 225
Registered: September 2005
Senior Member
I can confirm that at least one exploit does not work

 Linux vmsplice Local Root Exploit
 By qaaz
-----------------------------------
[+] mmap: 0x100000000000 .. 0x100000001000
[+] page: 0x100000000000
[+] page: 0x100000000038
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4038
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0x2aaaaaab9000 .. 0x2aaaaaaeb000
[-] vmsplice: Bad address



After the patch from the src.rpm ( http://erek.blumenthals.com/blog/2008/02/11/rhel-5-centos-5-kernel-rpms-patched-against-vmsplice-local-root-exploit/ ):

--- a/fs/splice.c
+++ b/fs/splice.c
@@ -1234,7 +1234,7 @@ static int get_iovec_page_array(const struct iovec __user *iov,
                if (unlikely(!len))
                        break;
                error = -EFAULT;
-               if (unlikely(!base))
+               if (!access_ok(VERIFY_READ, base, len))
                        break;

                /*
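
Review bot: the new access_ok() check in get_iovec_page_array() drops the unlikely() hint that the replaced !base test carried and that the !len test just above still uses; suggest if (unlikely(!access_ok(VERIFY_READ, base, len))) so the error path stays annotated consistently. The explicit NULL test on base is also removed, so a one-line comment saying that access_ok() validates the whole user range of len bytes starting at base, and that a failure returns the -EFAULT set on the line above, would make the intent of the change clear to the next reader.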


Another sploit does not compile on x86_64, with the following error: "Error: Incorrect register `%rax' used with `l' suffix"

So I just really don't know.

And, as I understand, very soon RedHat will release their solution, after QA tests.

https://bugzilla.redhat.com/show_bug.cgi?id=432251

[Updated on: Tue, 12 February 2008 00:16]
