|
Dailydave
mailing list archives
Re: [oss-security] Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable
From: Marcus Meissner <meissner () suse de>
Date: Mon, 20 Jul 2009 12:01:47 +0200
On Fri, Jul 17, 2009 at 09:23:03AM +0200, yersinia wrote:
FYI, a Sprengler 0-day against Selinux null ptr dereference. Very Nice
to see in action
reference ( with youtube link )
http://grsecurity.net/~spender/cheddar_bay.tgz
Yeah.
Some "minor" bugs and one larger one.
The Linux folks have meanwhile:
- Fixed the actual bug. ;) (CVE-2009-1897)
Only affects 2.6.30,2.6.30.1.
2.6.30.2 release soon.
- Added -fno-delete-null-pointers to their Makefiles
Also in 2.6.30.2 and 2.
- fixed the personality - PER_CLEAR_ON_SETTID inheritance issue (CVE-2009-1895)
to work around mmap_min_addr protection.
Affects 2.6.23-2.6.30.1
2.6.30.2 and 2.6.27.x releases soon.
I am not sure about the SELinux policy error he used to
exploit the RHEL 5.? Beta.
Ciao, Marcus
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
 By Date 
By Thread
Current thread:
- Re: [oss-security] Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Marcus Meissner (Jul 20)
|
Intro
