Re: [Full-disclosure] Linux kernel exploit

看板Bugtraq作者時間15年前 (2010/12/09 02:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串1/10 (看更多)
On Wed, Dec 08, 2010 at 12:44:09AM +0300, Kai wrote: > > > Anyone tested this in sandbox yet? > > 00:37 linups:../expl/kernel > cat /etc/*release* > openSUSE 11.3 (i586) > VERSION = 11.3 > 00:37 linups:../expl/kernel > uname -r > 2.6.34.4-0.1-desktop > 00:37 linups:../expl/kernel > gcc _2.6.37.local.c -o test > 00:37 linups:../expl/kernel > ./test > [*] Failed to open file descriptors. openSUSE 11.2 and 11.3 do not have ECONET compiled, openSUSE 11.1 has ECONET, but not the 0 ptr deref issue. The CVE-2010-4258 problem is however in all openSUSEs. Temporary workaround (for all distributions, not just openSUSE): echo 1 > /proc/sys/kernel/panic_on_oops This will now panic the machine instead of making it exploitable. Ciao, Marcus
更多 meissner. 的文章
文章代碼(AID): #1C_yVVpm (Bugtraq)
討論串 (同標題文章)
完整討論串 (本文為第 1 之 10 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共10篇)
更多 meissner. 的文章
文章代碼(AID): #1C_yVVpm (Bugtraq)