[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Re: Second critical mremap() bug found in all Linux kernels
- To: full-disclosure@lists.netsys.com
- Subject: Re: [Full-Disclosure] Re: Second critical mremap() bug found in all Linux kernels
- From: Christophe Devine <devine@iie.cnam.fr>
- Date: Wed, 18 Feb 2004 16:59:15 +0100
Paul Starzetz <ihaquer@isec.pl> wrote:
> > This PoC exploit can be used to check if a Linux system is vulnerable
> > to the second do_mremap() bug; the code has only been tested on Linux
> > version 2.4.22 so far
> please do not post any exploit code(s) before a proper grace period.
Of course, I have no intention of releasing a local root exploit so early -
in fact I'm not even sure exactly how to exploit this bug in order to gain
elevated privileges. By the way, I'd like to apologize for not giving proper
credits to iSEC in the last two do_mremap() proof-of-concept exploit codes
I've posted on full-disclosure.
Christophe.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html