hello, i'm using linux 2.4.22 with grseucirty and today i heard of the do_brk root-exploit. now my question: is my system also endangered?
what can I do to secure my system (except a kernel upgrade)?
2.4.22: do_brk with grsecurity also vulnerable?
10 posts
• Page 1 of 1
2.4.22: do_brk with grsecurity also vulnerable?
by msi » Tue Dec 02, 2003 4:33 pm
- msi
- Posts: 29
- Joined: Fri Sep 13, 2002 2:37 pm
by Sleight of Mind » Tue Dec 02, 2003 6:21 pm
you could use http://www.grsecurity.net/~spender/grse ... -rc2.patch
but i would suggest using the cvs instead. It's 2.4.23 now and always has the latest fixes etc.
but i would suggest using the cvs instead. It's 2.4.23 now and always has the latest fixes etc.
- Sleight of Mind
- Posts: 92
- Joined: Tue Apr 08, 2003 10:41 am
by msi » Wed Dec 03, 2003 4:05 pm
hello everyone,
is this patch enough to block the do_brk hole:
is this patch enough to block the do_brk hole:
- Code: Select all
--- t/linux-2.4.21/mm/mmap.c Fri Jun 13 16:51:39 2003
+++ linux-2.4.23/mm/mmap.c Fri Nov 28 19:26:21 2003
@@ -1040,6 +1040,9 @@
len = PAGE_ALIGN(len);
if (!len)
return addr;
+
+ if ((addr + len) > TASK_SIZE || (addr + len) < addr)
+ return -EINVAL;
/*
* mlock MCL_FUTURE?
- msi
- Posts: 29
- Joined: Fri Sep 13, 2002 2:37 pm
by niz » Wed Dec 03, 2003 7:13 pm
There is some test program at bugtraq...
http://www.securityfocus.com/archive/1/ ... 03-12-06/0
I have not tested it..
http://www.securityfocus.com/archive/1/ ... 03-12-06/0
I have not tested it..
- niz
- Posts: 19
- Joined: Mon Sep 09, 2002 6:12 am
by PaX Team » Wed Dec 03, 2003 7:17 pm
http://archives.neohapsis.com/archives/bugtraq/2003-12/0011.htmlmsi wrote:now, how can i test, wether my patch works? does anybody now, where i can get a exploit, or a program which tests the vulnerability?
- PaX Team
- Posts: 2310
- Joined: Mon Mar 18, 2002 4:35 pm
10 posts
• Page 1 of 1