Dailydave mailing list archives

Re: [oss-security] Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable
From: spender () grsecurity net (Brad Spengler)
Date: Mon, 20 Jul 2009 09:36:52 -0400

> I am not sure about the SELinux policy error he used to
> exploit the RHEL 5.? Beta.

It was a default RHEL 5.3 SELinux policy.  The same vulnerability from
the policy exists in Fedora 10 and 11.  I haven't tested anything else,
but I imagine lots more are vulnerable (and it doesn't matter what 
kernel you're running).  There will be a CVE for this vulnerability as 
well.

(Really there should have been a CVE for the lack of 
-fno-delete-null-pointer-checks instead of pretending the only problem 
was /dev/net/tun.  As the commit to add it showed (and at least 10 other 
commits to the kernel this weekend) lots of other code was affected, so 
someone not applying a fix for a CVE mentioning only /dev/net/tun 
because they don't have the code for /dev/net/tun compiled in, is going 
to be missing out on a number of fixes).

-Brad
