Linux kernel security hole allows root access

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    #16
    Re: Linux kernel security hole allows root access

    64 bit Kubuntu 9.10
    2.6.31-14-generic #48-Ubuntu SMP
    /proc/sys/vm/mmap_min_addr is 0

    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
    – John F. Kennedy, February 26, 1962.



      #17
      Re: Linux kernel security hole allows root access

      Originally posted by GreyGeek
      64 bit Kubuntu 9.10
      2.6.31-14-generic #48-Ubuntu SMP
      /proc/sys/vm/mmap_min_addr is 0

      That seems odd -- my system is also 64-bit Karmic, same kernel.



      There must be something "dynamic" about how it is set up -- memory capacity or swap status or something, maybe?



        #18
        Re: Linux kernel security hole allows root access

        Originally posted by Ole Juul
        You mean to say that this vulnerability only works if you don't have a firewall? Sheesh! If that's the case then the reports I've seen in the press are written by incompetents.

        Originally posted by kubicle
        Haven't really dug into this, but AFAIK a null-pointer dereference kernel vulnerability can only be used to elevate privileges (user>root), so to exploit it one needs shell access to the system (ability to log into the system as a user)...so firewall is usually not essential in preventing these kinds of exploits.

        Originally posted by GreyGeek
        If a bad guy is going to hack into your Kubuntu box it will, more than likely, be as the user, since remote access to root is not allowed and root has no password. After gaining access to the user account this exploit can be used to elevate privileges. A good firewall will prevent a bad guy from hacking in.

        Well, no remote logins are allowed in kubuntu by default (even as a user), you need to install a server for that (like ssh). And a properly configured ssh server won't allow bad guys in even without a firewall, which has to have some holes anyway to allow intended usage. (In most cases allowing password logins in ssh is poor security, using host key authentication is much better). And I think I read somewhere that this particular vulnerability needs local access (not remote). So I still think firewall is not the deciding factor here. Nothing against firewalls in general, of course.

        Originally posted by GreyGeek
        64 bit Kubuntu 9.10
        2.6.31-14-generic #48-Ubuntu SMP
        /proc/sys/vm/mmap_min_addr is 0

        I got the impression that installing some VM software like qemu (or wine) may set the value to 0.



          #19
          Re: Linux kernel security hole allows root access

          Originally posted by kubicle
          ......
          I got the impression that installing some VM software like qemu (or wine) may set the value to 0.

          Could be. I did install CrossOver on this box in order to run a Windows app that I used to write a fly-by-wire control system for a new kind of ag tractor.


            #20
            Re: Linux kernel security hole allows root access

            GreyGeek:
            Regardless, I suspect this hole will be patched before bad guys can exploit it to any useful extent. After all, it took them EIGHT MONTHS to capture only 700 poorly administered Linux boxes. That's a lot of work for such a small reward. 700 Linux zombies, as good as Linux is, cannot match the output of 1,300,000 Windows zombies.

            OT, but I couldn't leave it alone. I believe those compromised Linux boxes were set up such that they rely on MS-Win machines for security. It would indeed take eight months to find a few of those!



              #21
              Re: Linux kernel security hole allows root access

              Originally posted by kubicle
              ......
              I got the impression that installing some VM software like qemu (or wine) may set the value to 0.

              Originally posted by GreyGeek
              Could be. I did install CrossOver on this box in order to run a Windows app that I used to write a fly-by-wire control system for a new kind of ag tractor.

              Must be. I have WINE installed and VirtualBox and "cat /proc/sys/vm/mmap_min_addr" reported "0"



                #22
                Re: Linux kernel security hole allows root access

                fwiw here is some more info on this hole from the source

                http://wiki.debian.org/mmap_min_addr



                  #23
                  Re: Linux kernel security hole allows root access

                  vinny@desktop:~$ cat /proc/sys/vm/mmap_min_addr
                  0
                  vinny@desktop:~$

                  vbox OSE & wine installed.

                  a check at grc.com from the grey one's OP said I was in total stealth mode though and invisible on the net......LOL

                  VINNY
                  i7 4core HT 8MB L3 2.9GHz
                  16GB RAM
                  Nvidia GTX 860M 4GB RAM 1152 cuda cores
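
The check several posters ran above, extended as an added example that is not part of the original thread: a POSIX shell audit that reports the live vm.mmap_min_addr value and lists every sysctl drop-in that assigns it, which shows whether an installed package lowered it to 0. The function names and the directory list passed at the bottom are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: audit vm.mmap_min_addr (live value plus sysctl drop-ins that set it).

# Classify a value: 0 means unprivileged processes may map page zero.
classify_min_addr() {
    case "$1" in
        ''|*[!0-9]*) echo invalid; return ;;
    esac
    if [ "$1" -eq 0 ]; then echo unprotected; else echo protected; fi
}

# Print "file:value" for every vm.mmap_min_addr assignment in the given directories.
find_mmap_overrides() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for f in "$dir"/*.conf; do
            [ -f "$f" ] || continue          # also skips an unmatched glob
            awk -v file="$f" '
                /^[ \t]*[#;]/ { next }       # commented-out settings do not count
                {
                    if (split($0, kv, "=") != 2) next
                    gsub(/[ \t]/, "", kv[1]); gsub(/[ \t]/, "", kv[2])
                    if (kv[1] == "vm.mmap_min_addr" || kv[1] == "vm/mmap_min_addr") {
                        print file ":" kv[2]
                    }
                }' "$f"
        done
    done
}

# Report the live value from a proc-style file, then each drop-in with its verdict.
audit_mmap_min_addr() {
    live_file=$1; shift
    if [ -r "$live_file" ]; then
        live=$(cat "$live_file")
        echo "live: $live ($(classify_min_addr "$live"))"
    else
        echo "live: unreadable"
    fi
    find_mmap_overrides "$@" | while IFS=: read -r file value; do
        echo "set by $file: $value ($(classify_min_addr "$value"))"
    done
}

# Assumed drop-in locations; directories that do not exist are skipped.
audit_mmap_min_addr /proc/sys/vm/mmap_min_addr /etc/sysctl.d /usr/lib/sysctl.d /run/sysctl.d
```

A drop-in listed with value 0 identifies the file, and so the package that owns it, responsible for the setting; /etc/sysctl.conf itself is not scanned by this version.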
