ru.linux
- RU.LINUX ---------------------------------------------------------------------
From : Pavel Vasilyev 2:5020/1042.65 25 Aug 2005 21:54:56
To : All
Subject : Linux Kernel Denial of Service and IPsec Policy Bypass
--------------------------------------------------------------------------------
Less critical
IMPACT:
Security Bypass, DoS
WHERE:
Local system
REVISION:
1.1 originally posted 2005-08-25
OPERATING SYSTEM:
Linux Kernel 2.6.x
http://secunia.com/product/2719/
DESCRIPTION:
Two vulnerabilities have been reported in the Linux kernel, which can
be exploited by malicious, local users to cause a DoS (Denial of
Service) or bypass certain security restrictions.
1) The "setsockopt()" function is not restricted to privileged users
with the "CAP_NET_ADMIN" capability. This can be exploited to bypass
IPsec policies or set invalid policies to exploit other
vulnerabilities or exhaust available kernel memory.
2) An error in the "syscall32_setup_pages()" function on 64-bit x86
platforms can be exploited to cause a memory leak by executing a
malicious 32-bit application with specially crafted ELF headers.
SOLUTION:
1) The vulnerability has been fixed in version 2.6.13-rc7.
2) The vulnerability has been fixed in version 2.6.13-rc4.
PROVIDED AND/OR DISCOVERED BY:
1) Herbert Xu
2) Suresh Siddha
CHANGELOG:
2005-08-25: Added information about additional vulnerability.
ORIGINAL ADVISORY:
Kernel.org:
http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.13-rc7
http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.13-rc4
---
* Origin: Just for Fun! - Hе хрена себе повесилились...=) (2:5020/1042.65)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
| Тема: |
Автор: |
Дата: |
|
Linux Kernel Denial of Service and IPsec Policy Bypass |
Pavel Vasilyev |
25 Aug 2005 21:54:56 |
|
|
