Re: Linux kernel null pointer bug [message #37088 is a reply to message #37067]
Tue, 18 August 2009 12:35
khorenko
Hi.
2.6.18-128.2.1.el5.028stab064.4 kernel (latest stable OVZ) is immune to the exploits on the issue.
The kernel is immune due to the fact that 64.4 kernel has the bypassing "mmap_min_addr" issue fixed:
http://blog.cr0.org/2009/06/bypassing-linux-null-pointer.html - description of the problem
Exploits for the current issue, in their turn, need this hole to gain root access.
--
Konstantin
If your problem is solved - please, report it!
It's even more important than reporting the problem itself...
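A defender-side check related to the post above, as an added example that is not part of the original thread or of any kernel or OpenVZ code: it reads vm.mmap_min_addr and tests whether the current process is actually refused a mapping at page zero. The function names are hypothetical, and processes with CAP_SYS_RAWIO (normally root) are exempt from the limit, so run it as an unprivileged user.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>
enum verdict { DISABLED, ENFORCED, NOT_ENFORCED, UNKNOWN };

/* Parse the text of /proc/sys/vm/mmap_min_addr (decimal, e.g. "65536\n"). */
int parse_min_addr(const char *text, unsigned long *out) {
    char *end;
    if (text[0] < '0' || text[0] > '9') return -1;   /* reject "-1", "" */
    errno = 0;
    unsigned long v = strtoul(text, &end, 10);
    if (errno || (*end != '\n' && *end != '\0')) return -1;
    *out = v;
    return 0;
}

/* map_errno: 0 if a fixed mapping at address 0 succeeded, else its errno. */
enum verdict classify(unsigned long min_addr, int map_errno) {
    if (min_addr == 0) return DISABLED;          /* sysctl turned off */
    if (map_errno == 0) return NOT_ENFORCED;     /* privileged, or limit bypassed */
    if (map_errno == EPERM || map_errno == EACCES) return ENFORCED;
    return UNKNOWN;                              /* failed for an unrelated reason */
}

/* Ask for one read-only page at address 0 and release it immediately. */
int probe_page_zero(void) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap((void *)0, len, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
    if (p == MAP_FAILED) return errno;
    munmap(p, len);
    return 0;
}

int main(void) {
    static const char *names[] = { "disabled", "enforced", "NOT enforced", "unknown" };
    char buf[64] = "";
    unsigned long min_addr = 0;
    FILE *f = fopen("/proc/sys/vm/mmap_min_addr", "r");
    if (!f || !fgets(buf, sizeof buf, f) || parse_min_addr(buf, &min_addr)) {
        fprintf(stderr, "cannot read vm.mmap_min_addr\n");
        return 2;
    }
    fclose(f);
    enum verdict v = classify(min_addr, probe_page_zero());
    printf("vm.mmap_min_addr=%lu, page-zero mapping: %s\n", min_addr, names[v]);
    return v == ENFORCED ? 0 : 1;
}
```

An exit status of 0 means the limit is set and was enforced for this process; any other result is worth investigating before relying on the protection.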

Re: Linux kernel null pointer bug [message #37195 is a reply to message #37191]
Wed, 26 August 2009 06:54
khorenko
Quote: but still it's possible to destabilize the kernel with a failed exploit attempt
Not exactly: you need to modify the exploit to do this. But yes, it's possible, but again - from Hardware Node only.
Yes, we've already seen that, thank you.
--
Konstantin
If your problem is solved - please, report it!
It's even more important than reporting the problem itself...

Re: Linux kernel null pointer bug [message #37196 is a reply to message #37195]
Wed, 26 August 2009 07:17
lazy
finist wrote on Wed, 26 August 2009 02:54:
> Quote: but still it's possible to destabilize the kernel with a failed exploit attempt
> Not exactly: you need to modify the exploit to do this. But yes, it's possible, but again - from Hardware Node only.
> Yes, we've already seen that, thank you.
I recall that when I started one of the exploits from a 32-bit guest (64-bit host), its process got blocked in kernel space and I couldn't enter any other VPS, reboot the machine properly, etc.
When I have some time I will recheck it (maybe after all I wasn't running 64.4 on that machine). The exploit was modified to run without kernel symbols in /proc.
Patched machines are working fine. Is applying the mentioned patch sufficient? (Debian is using this patch for the etch kernel, so I guess it's safe to think so.)
Thanks for your answer.
--
Lazy
[Updated on: Wed, 26 August 2009 07:22]