Re: Clamav



From: "Sam Sharpe" <lists.redhat@xxxxxxxxxxxxx>
Sent: Saturday, 2010/April/17 02:09


On 17 April 2010 08:41, jdow <jdow@xxxxxxxxxxxxx> wrote:
From: "Patrick O'Callaghan" <pocallaghan@xxxxxxxxx>
Sent: Friday, 2010/April/16 22:49

Which of the vulnerabilities discussed on the kernel list is
communicable via an email message in such a way as to compromise the
security of the target system without manual intervention on the part of
its user? Please be specific.

Here is a non-LKML reference with a full explanation of the problem:
Some background:
http://blog.ksplice.com/2010/03/null-pointers-part-i/
How to exploit it:
http://blog.ksplice.com/2010/04/exploiting-kernel-null-dereferences/

The exploit can be delivered through email and introduced into the
machine via targeted social engineering. If you can be tricked into
allowing it to run, you're toast. ANY means of getting into the
machine and having code execute is sufficient to allow the exploit
to run within the kernel at kernel privilege.

Read the page more carefully. Particularly the comments.

-------------
Nelson Elhage says:
April 13, 2010 at 12:35 pm
....
After all the NULL pointer vulnerabilities last year, every major
distro has now turned mmap_min_addr on by default. So if you need to
run old DOS programs in Wine you can still change it, but it should be
much harder to exploit these things by default.
....
-------------

-------------
Nelson Elhage says:
April 14, 2010 at 9:54 am

Tomoe: I believe that, on recent kernels, SELinux blocks mmap’ing the
zero page separately from the mmap_min_addr mechanism. You should be
able to disable this protection for the purposes of experimentation by
running

setsebool -P mmap_low_allowed 1

as root.
-------------

--
Sam

<<jdow
How many people get frustrated with SELinux and simply disable it?

{o.o}
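
Added example, not part of the thread or of any poster's message: a shell audit that reports whether the two protections named in the quoted comments (the `mmap_min_addr` sysctl and the SELinux `mmap_low_allowed` boolean) are in effect, which is the state that silently changes when SELinux is switched off. The function names and the sample values are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report whether the two protections
# against mapping page zero that the quoted comments name are in effect.

# classify_low_mmap MIN_ADDR SELINUX_MODE BOOL  (hypothetical helper)
#   MIN_ADDR     value of /proc/sys/vm/mmap_min_addr
#   SELINUX_MODE output of getenforce: Enforcing, Permissive or Disabled
#   BOOL         state of the mmap_low_allowed boolean: on or off
classify_low_mmap() {
    sysctl_ok=no
    selinux_ok=no
    case $1 in
        ''|*[!0-9]*) ;;   # missing or non-numeric: count as unprotected
        *) if [ "$1" -gt 0 ]; then sysctl_ok=yes; fi ;;
    esac
    # SELinux only denies the mapping when it is enforcing and the
    # boolean that permits low mappings is off.
    if [ "$2" = Enforcing ] && [ "$3" = off ]; then selinux_ok=yes; fi
    case $sysctl_ok/$selinux_ok in
        yes/yes) echo "OK: mmap_min_addr and SELinux both block low mappings" ;;
        yes/no)  echo "WARN: only mmap_min_addr blocks low mappings" ;;
        no/yes)  echo "WARN: only SELinux blocks low mappings" ;;
        *)       echo "FAIL: nothing blocks mapping page zero" ;;
    esac
}

# audit_host (hypothetical helper): read the live settings, falling back to
# "unknown" where the sysctl or the SELinux tools are absent.
audit_host() {
    min_addr=$(cat /proc/sys/vm/mmap_min_addr 2>/dev/null || echo unknown)
    mode=$(getenforce 2>/dev/null || echo unknown)
    bool=$(getsebool mmap_low_allowed 2>/dev/null | awk '{print $3}')
    classify_low_mmap "$min_addr" "$mode" "${bool:-unknown}"
}

# Constructed sample states, then the host this script runs on.
classify_low_mmap 65536 Enforcing off     # both layers on
classify_low_mmap 65536 Disabled  unknown # SELinux switched off
classify_low_mmap 0     Enforcing on      # both protections relaxed
audit_host
```

An unreadable or unknown setting is counted as unprotected, so a host without the SELinux tools reports at best a WARN.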
