[grsec] that expand_stack bug claimed again with POC
Carlos Carvalho
carlos at fisica.ufpr.br
Sat Jan 20 13:29:28 EST 2007
I've just seen in bugtraq that company claim again the expand_stack
bug, this time giving proof-of-concept code. I tried it and just got a
segfault:

hoggar% ./a.out
--> about to fault on 5FFFF000
zsh: segmentation fault ./a.out
hoggar%~[ 4:20] whoami
carlos

Here's the kernel log:

Jan 20 16:19:32 hoggar kernel: grsec: exec of a.out (./a.out )
Jan 20 16:19:32 hoggar kernel: grsec: signal 11 sent to a.out[a.out:26304]
Jan 20 16:19:32 hoggar kernel: grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for a.out[a.out:26304]

Maybe I don't know how to adapt/run it, so it'd be good if the experts
had a look at it... Local root is too critical to downplay.

I'm using 2.6.19.1, and I'm about to go to the 19.2/latest grsec release.