
New local kernel exploit

9 January 2011

This is a little old, but it is worth mentioning because it still works on a lot of systems. The proof-of-concept code and many details can be found here: http://bit.ly/fYpOtx . The exploit is based on three vulnerabilities found by Nelson Elhage (which is probably why it is named full-nelson): CVE-2010-4258, CVE-2010-3849 and CVE-2010-3850. The last two are in the Econet protocol driver; if that driver is not loaded, the exploit will not work. The first vulnerability was found in 2.6.36.2 and lies in the do_exit function, which does not properly handle a get_fs value of KERNEL_DS.

Anyway, the last two vulnerabilities were fixed in Debian Security Advisory 2126-1, and without them the exploit does not work, so upgrade your computers.
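Since the exploit needs the Econet driver, a host can be checked for that precondition. The script below is an added example, not part of the original post: the function names are hypothetical, and it assumes the standard `/proc/modules` format and the `blacklist` / `install` directives of modprobe.d. It reports exposure only; the fix remains the kernel upgrade from the advisory.

```shell
#!/bin/sh
# Added example: report whether the econet module is loaded, or whether
# modprobe has been told not to load it.

# econet_loaded FILE: succeed if FILE (in /proc/modules format) lists econet.
econet_loaded() {
    awk '$1 == "econet" { found = 1 } END { exit !found }' "$1"
}

# econet_blocked DIR: succeed if a *.conf file in DIR blacklists econet or
# replaces its install command with /bin/false or /bin/true.
# Commented-out directives do not match because their first field starts with '#'.
econet_blocked() {
    for f in "$1"/*.conf; do
        [ -f "$f" ] || continue
        if awk '
            $1 == "blacklist" && $2 == "econet" { hit = 1 }
            $1 == "install" && $2 == "econet" &&
                ($3 == "/bin/false" || $3 == "/bin/true") { hit = 1 }
            END { exit !hit }' "$f"; then
            return 0
        fi
    done
    return 1
}

# econet_status MODULES_FILE MODPROBE_DIR: print loaded, blocked or not-blocked.
econet_status() {
    if econet_loaded "$1"; then
        echo "loaded"
    elif econet_blocked "$2"; then
        echo "blocked"
    else
        echo "not-blocked"
    fi
}

# Live check, only where the host exposes /proc/modules.
if [ -r /proc/modules ]; then
    echo "econet: $(econet_status /proc/modules /etc/modprobe.d)"
fi
```

A result of `not-blocked` means nothing in modprobe.d prevents the module from being loaded; it does not tell you whether the running kernel ships the module or carries the DSA 2126-1 fixes.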

