New Linux Flaw Enables Null Pointer Exploits
Jamon Camisso
jamon.camisso-H217xnMUJC0sA/PxXw9srA at public.gmane.org
Sat Jul 18 16:04:15 UTC 2009
Michael Lauzon wrote:
> From the article:
>
> A researcher has published exploit code for a new vulnerability he
> discovered in the Linux kernel. The vulnerability is an especially
> interesting one in that the researcher who discovered it, Brad
> Spengler, has demonstrated that he can use the weakness to defeat many
> of the add-on security protections offered by SELinux and AppArmor.
>
> The vulnerability affects both the 2.6.30 and 2.6.30.1 releases of the
> Linux kernel, and in a message to the Daily Dave mailing list Spengler
> said that he was able to exploit the flaw. He said that he was able to
> defeat the protection against exploiting NULL pointer dereferences on
> systems running SELinux and those running typical Linux
> implementations. SELinux is a set of security enhancements to the
> Linux OS developed by the National Security Agency.
>
> Link: http://threatpost.com/blogs/researcher-uses-new-linux-kernel-flaw-bypass-selinux-other-protections

It is an interesting bug because it is a compiler-related optimization
that creates the conditions necessary to exploit it.

http://isc.sans.org/diary.html?storyid=6820

I doubt many people are running 2.6.30/2.6.30.1, and even fewer with
SELinux/AppArmor etc. Pretty niche, but a great discovery on the
researcher's part.

Jamon
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists