.Source code for a exploit of a Linux kernel vulnerability has been posted by Brad Spengler (Brad is the author of grsecurity). I have to tell you right now – this was one of the most fascinating bugs I've read about lately.
Why is it so fascinating? Because a source code audit of the vulnerable code would never find this vulnerability (well, actually, it is possible but I assure you that almost everyone would miss it). However, when you add some other variables into the game, the whole landscape changes
Ny vulnerability i linux
Ny vulnerability i linux
http://isc.sans.org/diary.html?storyid=6820
ǁ A: Because it obfuscates the reading.
ǁ Q: Why is top posting so bad?
ǁ Q: Why is top posting so bad?
-
Rasmus
- Inlägg: 2291
- Blev medlem: 07 sep 2006, 18:33
- OS: Ubuntu
- Utgåva: 24.04 Noble Numbat LTS
- Ort: Svalsta
Re: Ny vulnerability i linux
Intressant, kompilatorn skapar alltså ett säkerhetshål.
Nu är jag jäkligt trött, men visst skrev han att det nu var fixat?
Nu är jag jäkligt trött, men visst skrev han att det nu var fixat?