
Monday, September 7, 2009

the FINAL sock_sendpage() null pointer deref blog post



this is old news now, but everyone has been adding on to their blog posts, and writing more and more shit. hopefully this post will pretty much be a complete list of the serious links surrounding this vuln including exploit code.

here is a pastebin I made of vulnerable distros/kernel versions

Redhat's original article to show the problem in SELinux and mmap_min_addr

cr0.org's advisory

Linux NULL pointer dereference due to incorrect proto_ops initializations on cr0.org (best resource)

RISE security's take on it, but on Power/Cell BE arch

redhat's recommendation on mitigation for the problem.

updated Full Disclosure post

and finally THE PATCH!!! <-- do not download, iz evil

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

and the exploit links

*newest to work with COW credentials, i.e. fedora 11

Linux kernel 2.4/2.6 (32bit) sock_sendpage() local ring0 root exploit (simple ver)

before Brad's (pretty much same as below)

wunderbar_emporium.tgz

ARM Android exploit

PPC/PPC64/x86_64/i386 exploit
