Linux pancs 2.6.22.17-opt2-cve2 #1 SMP Sun Feb 10 16:22:37 CET 2008
i686 GNU/Linux
---
Linux vmsplice Local Root Exploit
By qaaz
---
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
On Sun, Feb 10, 2008 at 04:47:57PM +0200, Pekka J Enberg wrote:
> From: Bastian Blank <[EMAIL PROTECTED]>
>
> The commit 8811930dc74a503415b35c4a79d14fb0b408a361 ("splice: missing user
> pointer access verification") added access_ok() to copy_from_user_mmap_sem()
> which only ensures we can copy
Signed-off-by: Oliver Pinter <[EMAIL PROTECTED]>
8<
Linux pancs 2.6.22.17-opt2-cve2 #1 SMP Sun Feb 10 16:22:37 CET 2008
i686 GNU/Linux
---
Linux vmsplice Local Root Exploit
By qaaz
---
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
On Sun, Feb 10, 2008 at 04:47:57PM +0200, Pekka J Enberg wrote:
> From: Bastian Blank <[EMAIL PROTECTED]>
>
> The commit 8811930dc74a503415b35c4a79d14fb0b408a361 ("splice: missing user
> pointer access verification") added access_ok() to copy_from_user_mmap_sem()
> which only ensures we can copy
From: Bastian Blank <[EMAIL PROTECTED]>
The commit 8811930dc74a503415b35c4a79d14fb0b408a361 ("splice: missing user
pointer access verification") added access_ok() to copy_from_user_mmap_sem()
which only ensures we can copy the struct iovecs from userspace to the kernel
but we also must check
On Sun, Feb 10, 2008 at 04:47:57PM +0200, Pekka J Enberg wrote:
From: Bastian Blank [EMAIL PROTECTED]
The commit 8811930dc74a503415b35c4a79d14fb0b408a361 (splice: missing user
pointer access verification) added access_ok() to copy_from_user_mmap_sem()
which only ensures we can copy the
Signed-off-by: Oliver Pinter [EMAIL PROTECTED]
8
Linux pancs 2.6.22.17-opt2-cve2 #1 SMP Sun Feb 10 16:22:37 CET 2008
i686 GNU/Linux
---
Linux vmsplice Local Root Exploit
By qaaz
---
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
On Sun, Feb 10, 2008 at 04:47:57PM +0200, Pekka J Enberg wrote:
From: Bastian Blank [EMAIL PROTECTED]
The commit 8811930dc74a503415b35c4a79d14fb0b408a361 (splice: missing user
pointer access verification) added access_ok() to copy_from_user_mmap_sem()
which only ensures we can copy the
Linux pancs 2.6.22.17-opt2-cve2 #1 SMP Sun Feb 10 16:22:37 CET 2008
i686 GNU/Linux
---
Linux vmsplice Local Root Exploit
By qaaz
---
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
9 matches
Mail list logo