[grsec] followup about expand_stack

Carlos Carvalho carlos at fisica.ufpr.br
Sun Jan 21 07:34:49 EST 2007


Dinko Korunic (kreator at srce.hr) wrote on 21 January 2007 11:18:
 >On Sat, Jan 20, 2007 at 03:48:42PM -0500, Brad Spengler wrote:
 >> Upon further analysis, it seems that without uderef/kernexec at least 
 >> this bug is exploitable.
 >
 >Hi Brad,
 >
 >Is this common to all recent 2.6 kernels with grsecurity patch? I have
 >tried to reproduce on 2.6.18.2-grsec but given POC doesn't trigger the
 >BUG() -- all it does is SEGV. Am I missing something?

Yes, his previous msg:

Brad Spengler (spender at grsecurity.net) wrote on 20 January 2007 15:07:
 >The POC should have a signal handler in it for SIGSEGV.  Once this is 
 >added, it'll execute fully.

