| View previous topic :: View next topic |
| Author |
Message |
NightMonkey
Guru
Joined: 21 Mar 2003
Posts: 357
Location: Philadelphia, PA
|
 Posted: Fri Jan 07, 2005 10:53 pm Post subject: Local root exploit for all 2.4 and 2.6 kernels |
 |
|
Saw it on Bugtraq, now it's on Slashdot:
http://isec.pl/vulnerabilities/isec-0021-uselib.txt
Included code only compiles on 2.4 and gcc 3.2.*.
OK, so now, if nobody logs in, nobody gets hurt  . Oops, "nobody" can exploit this too  ... |
|
| Back to top |
|
 |
nielchiano
Veteran
Joined: 11 Nov 2003
Posts: 1287
Location: 50N 3E
|
| Posted: Fri Jan 07, 2005 10:59 pm Post subject: Re: Local root exploit for all 2.4 and 2.6 kernels |
|
|
| NightMonkey wrote: | | Included code only compiles on 2.4 and gcc 3.2.*. |
I can confirm that. just tried it on my 2.6.7-gentoo-r11. Compiles great, but fails to "allocate memory"
This DOES NOT MEAN that 2.6.* is free of this vulnerability; just the Proof-of-Concept code doesn't work for it... |
|
| Back to top |
|
|
NightMonkey
Guru
Joined: 21 Mar 2003
Posts: 357
Location: Philadelphia, PA
|
| Posted: Fri Jan 07, 2005 11:04 pm Post subject: Re: Local root exploit for all 2.4 and 2.6 kernels |
|
|
| nielchiano wrote: | | NightMonkey wrote: | | Included code only compiles on 2.4 and gcc 3.2.*. |
I can confirm that. just tried it on my 2.6.7-gentoo-r11. Compiles great, but fails to "allocate memory"
This DOES NOT MEAN that 2.6.* is free of this vulnerability; just the Proof-of-Concept code doesn't work for it... |
Hey, I hope that some super-ultra-mega-guru comes through with a valid test for the 2.6-series kernels and gcc 3.4! |
|
| Back to top |
|
|
gen2fox
Guru
Joined: 25 May 2004
Posts: 544
|
| Posted: Fri Jan 07, 2005 11:13 pm Post subject: |
|
|
Read that on /. a couple of minutes ago...
Even if nobody manages to come up with 2.6 code, many servers are still running 2.4, so it is an issue for many of us.
Hope a patch comes out soon. |
|
| Back to top |
|
|
didl
Retired Dev
Joined: 09 Sep 2003
Posts: 1106
Location: Pittsburgh, PA
|
|
| Back to top |
|
|
zerojay
Veteran
Joined: 09 Aug 2003
Posts: 1033
|
| Posted: Sat Jan 08, 2005 6:04 am Post subject: |
|
|
| 2.6.10-gentoo-dev-sources-r3 has the fix for this vulnerability. |
|
| Back to top |
|
|
nielchiano
Veteran
Joined: 11 Nov 2003
Posts: 1287
Location: 50N 3E
|
| Posted: Sat Jan 08, 2005 9:34 am Post subject: |
|
|
| DarkStalker wrote: | | 2.6.10-gentoo-dev-sources-r3 has the fix for this vulnerability. |
hmm, If you're really concerned about security you should try out hardened-dev-2.6.*
Is that series already patched? |
|
| Back to top |
|
|
zerojay
Veteran
Joined: 09 Aug 2003
Posts: 1033
|
| Posted: Sat Jan 08, 2005 11:59 am Post subject: |
|
|
| nielchiano wrote: | | DarkStalker wrote: | | 2.6.10-gentoo-dev-sources-r3 has the fix for this vulnerability. |
hmm, If you're really concerned about security you should try out hardened-dev-2.6.*
Is that series already patched? |
I used Gentoo Hardened for the past two months and got tired of not being able to compile programs that I need. |
|
| Back to top |
|
|
nielchiano
Veteran
Joined: 11 Nov 2003
Posts: 1287
Location: 50N 3E
|
| Posted: Sat Jan 08, 2005 12:07 pm Post subject: |
|
|
| DarkStalker wrote: | | I used Gentoo Hardened for the past two months and got tired of not being able to compile programs that I need. |
explain...
I don't think hardened-kernel prevents you from compiling programs; it restricts possible dangerous code-executions. |
|
| Back to top |
|
|
zerojay
Veteran
Joined: 09 Aug 2003
Posts: 1033
|
| Posted: Sat Jan 08, 2005 12:15 pm Post subject: |
|
|
| nielchiano wrote: | | DarkStalker wrote: | | I used Gentoo Hardened for the past two months and got tired of not being able to compile programs that I need. |
explain...
I don't think hardened-kernel prevents you from compiling programs; it restricts possible dangerous code-executions. |
You obviously haven't been using Gentoo Hardened then. Several of the changes made to GCC prevent certain programs from compiling and while the hardened guys are great people, if I asked them about stuff like this, they would just shrug their shoulders and say "I dunno". Even if the programs compile, it's no guarantee that they'll work, which also happened on a somewhat frequent basis. |
|
| Back to top |
|
|
nielchiano
Veteran
Joined: 11 Nov 2003
Posts: 1287
Location: 50N 3E
|
| Posted: Sat Jan 08, 2005 12:24 pm Post subject: |
|
|
| DarkStalker wrote: | | You obviously haven't been using Gentoo Hardened then. |
almost true; I'm playing a bit around with it on my server machine; till now no problems with it. But I don't need to compile programs on it (outside of portage), so that might also explain it.
| DarkStalker wrote: | | Even if the programs compile, it's no guarantee that they'll work, which also happened on a somewhat frequent basis. |
I'm just starting off in this matter, so forgive me my noob-ness: I read that the kernel will only kill a program if it violates some of the rules (execute writable memory, etc...) not just every program... |
|
| Back to top |
|
|
zerojay
Veteran
Joined: 09 Aug 2003
Posts: 1033
|
| Posted: Sat Jan 08, 2005 12:30 pm Post subject: |
|
|
| nielchiano wrote: | | DarkStalker wrote: | | You obviously haven't been using Gentoo Hardened then. |
almost true; I'm playing a bit around with it on my server machine; till now no problems with it. But I don't need to compile programs on it (outside of portage), so that might also explain it.
| DarkStalker wrote: | | Even if the programs compile, it's no guarantee that they'll work, which also happened on a somewhat frequent basis. |
I'm just starting off in this matter, so forgive me my noob-ness: I read that the kernel will only kill a program if it violates some of the rules (execute writable memory, etc...) not just every program... |
I'm not talking about compiling programs outside of portage at all. I'm talking about ebuilds in portage that exhibit errors causing the ebuild to fail that are specific to Gentoo Hardened. I never said anything about the kernel killing any programs. I'm talking about programs simply not functioning correctly at runtime. |
|
| Back to top |
|
|
didl
Retired Dev
Joined: 09 Sep 2003
Posts: 1106
Location: Pittsburgh, PA
|
| Posted: Sat Jan 08, 2005 12:36 pm Post subject: |
|
|
| DarkStalker wrote: |
I used Gentoo Hardened for the past two months and got tired of not being able to compile programs that I need. |
I have been using the hardened toolchain and hardened-dev-sources
for more than half a year now and there was only a single program
(xemacs) that would not compile initially, but even this one was
fairly simple to fix. Otherwise the hardened toolchain is running
like a charmm. I am very happy with it. |
|
| Back to top |
|
|
nielchiano
Veteran
Joined: 11 Nov 2003
Posts: 1287
Location: 50N 3E
|
| Posted: Sat Jan 08, 2005 12:39 pm Post subject: |
|
|
| DarkStalker wrote: | | I'm talking about programs simply not functioning correctly at runtime. |
Like which programs? apache? proftpd? sshd?
or more "fancy" things like X, KDE, Gnome, OpenOffice.org, ...? |
|
| Back to top |
|
|
zerojay
Veteran
Joined: 09 Aug 2003
Posts: 1033
|
| Posted: Sat Jan 08, 2005 12:40 pm Post subject: |
|
|
| didl wrote: | | DarkStalker wrote: |
I used Gentoo Hardened for the past two months and got tired of not being able to compile programs that I need. |
I have been using the hardened toolchain and hardened-dev-sources
for more than half a year now and there was only a single program
(xemacs) that would not compile initially, but even this one was
fairly simple to fix. Otherwise the hardened toolchain is running
like a charmm. I am very happy with it. |
I'd be happy with it too if I could have been able to use what I needed. |
|
| Back to top |
|
|
zerojay
Veteran
Joined: 09 Aug 2003
Posts: 1033
|
| Posted: Sat Jan 08, 2005 12:45 pm Post subject: |
|
|
| nielchiano wrote: | | DarkStalker wrote: | | I'm talking about programs simply not functioning correctly at runtime. |
Like which programs? apache? proftpd? sshd?
or more "fancy" things like X, KDE, Gnome, OpenOffice.org, ...? |
I had X and KDE working just fine, it's just some of the support stuff needed by other programs.. stuff like callgrind wouldn't compile and stuff like xine_lib would crash when playing a certain video type, etc. I guess the lack of people working on Hardened doesn't help either. I'll probably give hardened another shot in a few months because I really believe in the project and like what they've done with selinux, pax and grsecurity. I just wish that things I need would work with it. |
|
| Back to top |
|
|
imp
n00b
Joined: 03 Dec 2002
Posts: 45
Location: Belgrade, SCG
|
| Posted: Sat Jan 08, 2005 3:35 pm Post subject: |
|
|
DarkStalker:
You are talking about Hardened Gentoo distro, right? I think there is a bit of misunderstanding here: the others seem to talk about hardened-sources, not the (entire) Hardened Gentoo, which has patched GCC among other things.
_________________
blog :: bookmarks |
|
| Back to top |
|
|
zerojay
Veteran
Joined: 09 Aug 2003
Posts: 1033
|
| Posted: Sat Jan 08, 2005 8:27 pm Post subject: |
|
|
Yes, I am talking about the Gentoo Hardened distro because if I meant it was a hardened-dev-sources problem, I would have mentioned it.
Edit: That sounds a lot harsher than I meant it. Thanks for trying to unravel the confusion. |
|
| Back to top |
|
|
Frozen Flame
n00b
Joined: 24 Aug 2003
Posts: 6
Location: Finland
|
| Posted: Sun Jan 09, 2005 7:18 pm Post subject: |
|
|
I got gentoo-dev-sources 2.6.9-r10 on my router (with a few buddy accounts). I'm not concerned about my buds, but is my kernel exlpoitable?
If it its, could someone suggest me a agood alternative, hardenend perhaps ? |
|
| Back to top |
|
|
nielchiano
Veteran
Joined: 11 Nov 2003
Posts: 1287
Location: 50N 3E
|
| Posted: Sun Jan 09, 2005 9:41 pm Post subject: |
|
|
| Frozen Flame wrote: | I got gentoo-dev-sources 2.6.9-r10 on my router (with a few buddy accounts). I'm not concerned about my buds, but is my kernel exlpoitable?
If it its, could someone suggest me a agood alternative, hardenend perhaps ? |
Maybe read the post first:
| DarkStalker wrote: | | 2.6.10-gentoo-dev-sources-r3 has the fix for this vulnerability. |
|
|
| Back to top |
|
|
amne
Bodhisattva
Joined: 17 Nov 2002
Posts: 6378
Location: Graz / EU
|
| Posted: Mon Jan 10, 2005 8:04 pm Post subject: |
|
|
| DarkStalker wrote: | | 2.6.10-gentoo-dev-sources-r3 has the fix for this vulnerability. |
Some more are in -r4:
| Quote: | *gentoo-dev-sources-2.6.10-r4 (09 Jan 2005)
09 Jan 2005; Daniel Drake <dsd@gentoo.org>
+gentoo-dev-sources-2.6.10-r4.ebuild:
4 security fixes, get em while they are hot: moxa overflow, random poolsize
overflow, rlimit memlock dos, scsi ioctl overflow. Please test, this is going
to go stable soon.
|
|
|
| Back to top |
|
|
NightMonkey
Guru
Joined: 21 Mar 2003
Posts: 357
Location: Philadelphia, PA
|
| Posted: Mon Jan 10, 2005 8:11 pm Post subject: |
|
|
| amne wrote: | | DarkStalker wrote: | | 2.6.10-gentoo-dev-sources-r3 has the fix for this vulnerability. |
Some more are in -r4:
| Quote: | *gentoo-dev-sources-2.6.10-r4 (09 Jan 2005)
09 Jan 2005; Daniel Drake <dsd@gentoo.org>
+gentoo-dev-sources-2.6.10-r4.ebuild:
4 security fixes, get em while they are hot: moxa overflow, random poolsize
overflow, rlimit memlock dos, scsi ioctl overflow. Please test, this is going
to go stable soon.
|
|
Had a strange issue with vesa-tng on my AMD SMP box w/ nvidia GPU, but after switching to vesafb, things seem to be working well. No errors on dmesg. Same on PIII laptop. Yay! |
|
| Back to top |
|
|
|
Networking & Security
