[grsec] [Full-disclosure] Linux NULL pointer dereference due to incorrect proto_ops initializations

Brad Spengler spender at grsecurity.net
Fri Aug 14 11:10:59 EDT 2009


> i tried and it ends up with:
> 
> "unable to find a vulnerable domain, sorry"
> 
> that should be enough for me. i won't recompile kernel to add support of any
> vulnerable domain to further testing. as i understood KERNEXEC should protect me
> anyway ...

Yea, as mentioned by Julien on his blog, reducing your attack surface by 
not compiling in drivers/features you won't use is good for security.

-Brad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20090814/b7500ccc/attachment.pgp 


More information about the grsecurity mailing list