[rsbac] Local root exploit in 2.4.22 and previous
Amon Ott
ao at rsbac.org
Tue Dec 2 11:36:07 CET 2003
Hello folks,
there is a local root exploit present in 2.4 kernels up to 2.4.22. The
following patch agains mm/mmap.c fixes it (offsets are from an RSBAC and PaX
patched kernel, expect offset warning!):
--- mmap.c~ Thu Nov 6 09:24:32 2003
+++ mmap.c Tue Dec 2 10:27:38 2003
@@ -1306,6 +1306,9 @@
if (!len)
return addr;
+ if ((addr + len) > TASK_SIZE || (addr + len) < addr)
+ return -EINVAL;
+
/*
* mlock MCL_FUTURE?
*/
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list