uselib() exploit

Posted: Sat Jan 08, 2005 5:24 am
by svart
http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt

anyone tested it on grsec kernels? it seems to work on default kernels and not on grsec...but I'm not 100%, more tests are welcome

Posted: Sat Jan 08, 2005 6:49 am
by crusader
i've tested it on:

2.4.24-grsec
2.6.10-grsec
2.6.5-grsec
2.4.28-grsec
2.4.28-openwall
2.6.10 plain & 2.4.25 plain

on grsec & openwall the process was killed
on the plain kernels - segmentation fault

Re: uselib() exploit

Posted: Sat Jan 08, 2005 8:13 am
by PaX Team
svart wrote: http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt

anyone tested it on grsec kernels? it seems to work on default kernels and not on grsec...but I'm not 100%, more tests are welcome
that exploit shouldn't work but there's another (apparently known for half a year) that does work.

Re: uselib() exploit

Posted: Sat Jan 08, 2005 11:55 am
by eRAZOR
PaX Team wrote:
svart wrote: http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt

anyone tested it on grsec kernels? it seems to work on default kernels and not on grsec...but I'm not 100%, more tests are welcome
that exploit shouldn't work but there's another (apparently known for half a year) that does work.


Forgive me, I'm new to this, but is it beyond the scope of this project to fix the one that works?

Re: uselib() exploit

Posted: Sat Jan 08, 2005 12:16 pm
by PaX Team
eRAZOR wrote: Forgive me, I'm new to this, but is it beyond the scope of this project to fix the one that works?
you mean that the fixes at http://grsecurity.net./download.php are not enough?

Re: uselib() exploit

Posted: Sat Jan 08, 2005 12:26 pm
by svart
PaX Team wrote:
eRAZOR wrote: Forgive me, I'm new to this, but is it beyond the scope of this project to fix the one that works?
you mean that the fixes at http://grsecurity.net./download.php are not enough?


let's make this clear..
you say that isec.pl's uselib() does not work on grsec patched kernels but there is another one older that works?

Re: uselib() exploit

Posted: Sat Jan 08, 2005 3:46 pm
by PaX Team
svart wrote: you say that isec.pl's uselib() does not work on grsec patched kernels but there is another one older that works?
yes, it began circulating yesterday after its 0-day status had effectively evaporated and its author(s) posted it on the web.

Re: uselib() exploit

Posted: Sat Jan 08, 2005 4:15 pm
by svart
PaX Team wrote:
svart wrote: you say that isec.pl's uselib() does not work on grsec patched kernels but there is another one older that works?
yes, it began circulating yesterday after its 0-day status had effectively evaporated and its author(s) posted it on the web.


are you sure we are not talking about the same? because this uselib() was also released yesterday...

someone was asking above why grsec did not make a patch to fix that...are you waiting for the kernel.org people to patch it?
Yes, of course we very much appreciate what you did...but if you can do more in such a critical step, it would also be very much appreciated..

acls, stack ex. protections, /proc restrictions, etc...all you do is great...but people use grsec to be and to feel more secure...and you say you know about something..but don't do anything...I and maybe others put a lot of trust in you...so if you don't do it, who else?

Re: uselib() exploit

Posted: Sat Jan 08, 2005 8:27 pm
by PaX Team
svart wrote: are you sure we are not talking about the same? because this uselib() was also released yesterday...
i know, but isec (apparently) wasn't the first to find and exploit this bug.
svart wrote: someone was asking above why grsec did not make a patch to fix that...are you waiting for the kernel.org people to patch it?
i think there's a misunderstanding here. the isec exploit and the other one i mentioned, exploit the *same* bug, hence neither works on the patched kernels which were released yesterday.