New Linux Flaw Enables Null Pointer Exploits

Robert Brockway robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org
Sat Jul 18 16:58:44 UTC 2009


On Sat, 18 Jul 2009, Jamon Camisso wrote:

> It is an interesting bug because it is a compiler related optimization that 
> creates the conditions necessary to exploit it.

Yes. Unfortunately compiler optimisation bugs are more common than a lot 
of people expect.  They are very frustrating as a review of the source 
code won't reveal the bug.  Only testing or a review of the binary will.

> I doubt many people are running 2.6.30/2.6.30.1, and even fewer with 
> SELinux/AppArmor etc. Pretty niche, but a great discovery on the researcher's 
> part.

Agreed.  If this is found to exploit earlier versions it could be bad.

I just watched this http://www.youtube.com/watch?v=UdkpJ13e6Z0

Based on that it is a local root exploit.  Since it is in the net/tun 
code I was a bit concerned it might be remotely exploitable.

Cheers,

Rob

-- 
I tried to change the world but they had a no-return policy
Projected IPv4 exhaustion: http://www.potaroo.net/tools/ipv4/index.html
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists