Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for December 5, 2013
Deadline scheduling: coming soon?
LWN.net Weekly Edition for November 27, 2013
ACPI for ARM?
LWN.net Weekly Edition for November 21, 2013
I wrote a working PoC for the vulnerability today. It only takes 20 minutes for me (inside a
3.3ghz single-processor VM).
Stable kernel 126.96.36.199
Posted Jul 7, 2008 6:48 UTC (Mon) by nix (subscriber, #2304)
... and if it took you twenty minutes, your average script kiddie would
take weeks, if ever. (Of course, buying a copy from a blackhat with
similar skills would probably be faster.)
Posted Jul 7, 2008 7:49 UTC (Mon) by PaXTeam (subscriber, #24616)
the 20 mins was the runtime of the exploit, not its development time.
Posted Jul 7, 2008 19:43 UTC (Mon) by nix (subscriber, #2304)
I thought 20 minutes seemed awfully fast to write an exploit from scratch,
but I'm not very good at that sort of thing so I thought maybe skilled
people are faster.
(Still, if a random blackhat tries to eat that amount of CPU time on any
of my security-important systems all sorts of alarms would go off. But
maybe that's more paranoia than most people show, and I suppose if the
attacker knew about those monitoring systems he could distribute the
computational work among numerous processes and a long stretch of time.
Still, again, if an attacker knows that much, I'm dead anyway. Maybe this
is significant to unmonitored systems with untrusted local users, and I
suppose it makes it easier to escalate to root once you've got in via some
vulnerable network service, but if the attacker's managed that, again,
you're dead anyway: and most attackers these days don't *care* about
escalation to root: all they care about is being able to spam like crazy,
and being able to spy on the user, and an attack via, say, a browser
vulnerability will give them all of that.)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds