[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Confirm? New local root exploits



On Fri, 2005-01-07 at 17:52 -0500, Alan Cox wrote:

Its fixed in 2.6.10-ac6 along with the following
> 	-	DoS/oops in setsid (user triggerable)
> 	-	Coda unverified user data (only if using Coda)
> 	-	XFS unverified user data (only if using XFS)
> 	-	Bridge ioctl (only if using bridge and already net_admin)
> 	-	Rose ioctl (only if using rose and already net_admin)
> 	-	SDLA firmware ioctls (only if net_admin and using sdla)


Brad Spengler send a mail to the grsecurity list, and He wrote:

3) 2.4/2.6 random poolsize sysctl handler integer overflow
4) 2.6 scsi ioctl integer overflow and information leak
5) 2.2/2.4/2.6 moxa serial driver bss overflow
6) 2.4/2.6 RLIMIT_MEMLOCK bypass and (2.6) unprivileged user DoS
7) Attachments, including patches for all vulns, a POC for #3, and a
   working exploit for #6

He talk about 2.4.28, and 2.6.10. If You want, I can forward the whole
message.

The -ac6 patch fixed those problems?

-- 
Fonya

     Amióta NT-t installáltam a porszívómra, semmi szívás nincs vele.
                PGP key ID F86614E5, GPG key ID 83AD9365



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]