RE: [Vserver] ELF Loader Bug exploitable inside a vServer:
 vserver development mailing list 
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
About this list Date view Thread view Subject view Author view Attachment view

From: Mike Tierney (miket_at_marketview.co.nz)
Date: Thu 12 May 2005 - 22:55:57 BST

> From: vserver-bounces_at_list.linux-vserver.org [mailto:vserver-
> bounces_at_list.linux-vserver.org] On Behalf Of Oliver Welter
>
> Hello Herbert,
>
> >>serious problem:
> >>I read about the new BufferOverflow in the kernel's ELF Loader - it
> >>seems that an unprivileged attacker can start process in the kernels
> >>context..
> >
> > details?
> >
> > - which issue?
> > - what kernels are affected?
> > - how does the 'exploit' look like?
>
> I reffered to the Announce on heise
> (http://www.heise.de/newsticker/meldung/59498) - I did not any
> additional research as I dont have much knowldeg about kernel but this
> one here sounds serioius as it might allow loading a compromised
> kernel-space programm by simply running an infected binary....
>
> Oliver

This has been fixed in kernel release 2.6.11.9 according to
http://secunia.com/advisories/15341

_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 12 May 2005 - 22:56:25 BST by hypermail 2.1.3