|From:||Jon Masters <jonathan-AT-jonmasters.org>|
|To:||Development discussions related to Fedora <fedora-devel-list-AT-redhat.com>|
|Subject:||Re: Another linux kernel NULL pointer vulnerability ( exploit here )|
|Date:||Mon, 17 Aug 2009 14:00:19 -0400|
On Fri, 2009-08-14 at 21:23 +0200, Christoph Wickert wrote: > Am Freitag, den 14.08.2009, 14:39 -0300 schrieb Itamar Reis Peixoto: > > Hello guy's > > > > for the people who don't have updated the kernel. > > I'm running kernel-18.104.22.168-217.2.3.fc11.x86_64 and this one is not > supposed to be fixed, however... > > > http://grsecurity.net/%7Espender/wunderbar_emporium.tgz > > ... it doesn't work here. Although the author claims it's not stopped by > SELinux (he even mentions Dan by name), SELinux one more time saves the > world: FYI I saw a real life attempt to exploit this over the weekend on a machine of mine where someone had found a PHP exploit. Fortunately, I had already upgraded the kernel and their rootkit attempt failed, however it's worth emphasizing that this is certainly out there. I have more information on the rootkit they used for legitimate security researchers who are interested in the issue. Jon. -- fedora-devel-list mailing list email@example.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds