User: Password:
|
|
Subscribe / Log in / New account

A survey of recent kernel vulnerabilities

A survey of recent kernel vulnerabilities

Posted Oct 20, 2005 23:47 UTC (Thu) by tialaramex (subscriber, #21167)
Parent article: A survey of recent kernel vulnerabilities

"A hostile UDP packet could cause the 8021Q VLAN code to oops" doesn't really match either the longer and more detailed explanation in the linked Debian bug report, or the supplied patch, or the stacktrace recorded.

Those tell another story, which is that a privileged ioctl() was faulty, and this ioctl() was used by an SNMP daemon which answers UDP packets. No SNMP daemon, no exploit.

In this sense the ptrace() bug is also remotely exploitable, you just ssh into the affected machine and execute an exploit.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds