Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 1 Jul 2013 10:46:05 +0200
From: Sebastian Krahmer <krahmer@...e.de>
To: oss-security@...ts.openwall.com
Subject: Re: Kernel: 2.6.32+ IP_RETOPTS Buffer Poisoning DoS
	hemlock.c

On Sun, Jun 30, 2013 at 04:34:16PM -0700, Steven Ciaburri wrote:
> Kurt,
> 
> I just loaded a a virtual machine at Rackspace Cloud running RHEL. It is a Xen based VM.
> 
> [steven@...l ~]$ ./a.out
> [+] giving ourselves some poison...
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> [+] polluted kernelspace with more crap
> 
> at which point the server kernel paniced. 
> 
> The server is running 2.6.32-358.11.1.el6.x86_64
> I did discover that it appears with SELINUX enabled the POC can go through a considerable amount of tries before it crashes.

Cool, so SELinux is actually doing its job. :)

Sebastian

-- 

~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer@...e.de - SuSE Security Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.