[rsbac] New serious kernel vulnerability

Amon Ott ao at rsbac.org
Fri Jan 9 08:19:44 CET 2004

On Freitag, 9. Januar 2004 01:48, Roberto Nibali wrote:
> > Unfortunately, a new serious kernel vulnerability has been discovered in 
> > 2.4 series. The attached patch fixes the code in the sys_mremap system 
> > it is included in the just released 2.4.24 kernel.
> I doubt it's really serious. The 2.2.x series is definitely not affected and 
> you follow the kernel control path for a possible exploitation in the 2.4.x 
> 2.6.x series it's highly doubtable one can use something to inject malicious 
> code. YMMV of course, only code speaks the truth.

Still, it can reboot the system, which is a quite effective DoS attack. 

Further attack paths through this call are unknown, but not yet proven 
impossible. A root compromise has been claimed, what sounds serious enough to 
> > Exploit code has been claimed to be existing, but has not yet been 
> Try following code if you need some testing:
> http://linuxfromscratch.org/~devine/mremap_poc.c

Seen that, thank you.

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list