PaX Advisory

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

PaX Advisory

Postby Hannibal » Sun May 02, 2004 11:44 am

Recently, a PaX advisory was published by cr-secure.net. PaX was updated on May 1st 2004 to correct the vulnerability that was located by cr-secure.net.

Does this advisory affect the current GRSecurity?
Hannibal
 
Posts: 6
Joined: Sun May 02, 2004 11:41 am

Re: PaX Advisory

Postby PaX Team » Sun May 02, 2004 4:07 pm

Hannibal wrote:Recently, a PaX advisory was published by cr-secure.net. PaX was updated on May 1st 2004 to correct the vulnerability that was located by cr-secure.net.

Does this advisory affect the current GRSecurity?
yes, the version for linux 2.6 has the same piece of code hence vulnerability. even if it's not recommended yet to use 2.6 where there're untrusted local users, if you need the fix urgently, simply use the interdiff of mm/mmap.c between the current PaX patch and grsecurity.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm


Return to grsecurity support