[grsec] http://www.securityfocus.com/bid/27704/exploit

pageexec at freemail.hu pageexec at freemail.hu
Thu Feb 14 10:53:48 EST 2008


> http://www.securityfocus.com/data/vulnerabilities/exploits/27704.c
> 
> 	A)config-2.6.19.2eryx-gr (linux terminal server)
> 	segfaults due to PaX .. super, attack is stopped and reported,
>  	computer continues working as normal.
> 
> 
> 	B) config-2.6.19.2bgr3 (my workstation)
> 	hangs exploit process, hangs computer and renders station
>         useless with many PaX and kernel messages on screen, and
> 	many wired usb errors like. I have to reboot then ;( ...

in both cases KERNEXEC catches the code execution attempts, but by that
time the exploit corrupted certain kernel memory and will destabilize
the system, even eryx (just run it enough times if you don't mind and
can risk a crash/reboot). there's nothing that can be done about it,
you must patch the bug as soon as possible.



More information about the grsecurity mailing list