[rsbac] New serious kernel vulnerability

Roberto Nibali ratz at tac.ch
Fri Jan 9 01:48:27 CET 2004


> Unfortunately, a new serious kernel vulnerability has been discovered in the 
> 2.4 series. The attached patch fixes the code in the sys_mremap system call, 
> it is included in the just released 2.4.24 kernel.

I doubt it's really serious. The 2.2.x series is definitely not affected and if 
you follow the kernel control path for a possible exploitation in the 2.4.x and 
2.6.x series it's highly doubtable one can use something to inject malicious 
code. YMMV of course, only code speaks the truth.

> Exploit code has been claimed to be existing, but has not yet been published.

Try following code if you need some testing:


HTH and best regards,
Roberto Nibali, ratz
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc

More information about the rsbac mailing list