[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20130701084605.GA13808@suse.de>
Date: Mon, 1 Jul 2013 10:46:05 +0200
From: Sebastian Krahmer <krahmer@...e.de>
To: oss-security@...ts.openwall.com
Subject: Re: Kernel: 2.6.32+ IP_RETOPTS Buffer Poisoning DoS
hemlock.c
On Sun, Jun 30, 2013 at 04:34:16PM -0700, Steven Ciaburri wrote:
> Kurt,
>
> I just loaded a a virtual machine at Rackspace Cloud running RHEL. It is a Xen based VM.
>
> [steven@...l ~]$ ./a.out
> [+] giving ourselves some poison...
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
>
> at which point the server kernel paniced.
>
> The server is running 2.6.32-358.11.1.el6.x86_64
> I did discover that it appears with SELINUX enabled the POC can go through a considerable amount of tries before it crashes.
Cool, so SELinux is actually doing its job. :)
Sebastian
--
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer@...e.de - SuSE Security Team
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
