[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] [ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64) race condition

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] [ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64) race condition
From: Suresec Advisories <advisories@xxxxxxxxxxx>
Date: Mon, 11 Jul 2005 08:26:21 +0200

Suresec Security Advisory  - #00004
10/07/05

Linux kernel ia32 compatibility race condition Advisory: http://www.suresec.org/advisories/adv4.pdf <http://www.suresec.org/advisories/adv3.pdf>

Description:

A race condition vulnerability has been found in the ia32 compatibility execve() systemcall. The race condition may lead to heap corruption.

Risk:

Exploitation of this vulnerability may results in panics, oopses or in the worst case code exection at ring 0.

Credit:

The vulnerability was discovered by Ilja van Sprundel.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] [ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64) race condition
  - From: Juergen Schmidt

Prev by Date: [Full-disclosure] [FLSA-2005:152835] Updated dhcp package fixes security issue
Next by Date: [Full-disclosure] how to bypass rouge machine detection techniques
Previous by thread: [Full-disclosure] [FLSA-2005:152835] Updated dhcp package fixes security issue
Next by thread: Re: [Full-disclosure] [ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64) race condition
Index(es):
- Date
- Thread