Re: [Fwd: [Full-Disclosure] [grsec] grsecurity 2.1.0 release / 5 Linux kernel advisories]
On Fri, Jan 07, 2005 at 02:32:19PM -0500, Andres Salomon wrote:
> 3) 2.4/2.6 random poolsize sysctl handler integer overflow
> 4) 2.6 scsi ioctl integer overflow and information leak
Fix for this one:
http://linux.bkbits.net:8080/linux-2.5/cset@41df016bZDdnPwbowa4FiQaKDUCnbw
> 5) 2.2/2.4/2.6 moxa serial driver bss overflow
> 6) 2.4/2.6 RLIMIT_MEMLOCK bypass and (2.6) unprivileged user DoS
> 7) Attachments, including patches for all vulns, a POC for #3, and a
> working exploit for #6
--
"Next the statesmen will invent cheap lies, putting the blame upon
the nation that is attacked, and every man will be glad of those
conscience-soothing falsities, and will diligently study them, and refuse
to examine any refutations of them; and thus he will by and by convince
himself that the war is just, and will thank God for the better sleep
he enjoys after this process of grotesque self-deception." -- Mark Twain
Reply to: