Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Thu, 12 Feb 2009 20:05:27 +0000 (GMT)
From: Mark J Cox <mjc@...hat.com>
To: OSS Security List <oss-security@...ts.openwall.com>
Subject: Re: http://www.securityfocus.com/bid/33672/info kernel
 issue

> http://www.securityfocus.com/bid/33672/ seems to be this commit:
> http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.28.y.git;a=commit;h=8255fc826e58c0a59711029e01db9fcdc06ba211
> Not sure if its exploitable though.

BTW that BID list of affected kernels isn't correct; the multibyte stuff 
wasn't in <=2.6.18 at least.

I didn't check exactly where since it doesn't affect RHEL and didn't look 
into the issue any further -- but on first glance it seemed like you'd 
have to be a console user and display/select some carefully chosen 
characters in order to do the overflow; so it's probably a 'local attacker 
at keyboard' flaw?

Cheers, Mark

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux