|
GCC 4.3.0 exposes a kernel bugGCC 4.3.0 exposes a kernel bugPosted Mar 24, 2008 12:52 UTC (Mon) by olecom (guest, #42886)In reply to: GCC 4.3.0 exposes a kernel bug by flewellyn Parent article: GCC 4.3.0 exposes a kernel bug
> It is hard to see how that could be turned into a security breach, > but it would be a mistake to assume that it can't. Other kernel bugs, > like the one that allowed the recent vmsplice() exploit, have looked > liked memory corruption, but were found to be more than that. | After a bit more poking around, we discovered how to alter the page | mappings so that sections of kernel and I/O memory were directly mapped | into all user address spaces.[2] [2] Talk about security holes! (C) 1992 http://valhenson.org/synthesis/SynthesisOS/ch7.html Not checking userspace supplied pointers is most basic security hole in userspace + kernel memory based systems. ______
(Log in to post comments)
|
Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.