{"id":636,"date":"2009-08-16T14:05:52","date_gmt":"2009-08-16T07:05:52","guid":{"rendered":"http:\/\/deepquest.code511.com\/blog\/?p=636"},"modified":"2009-08-16T14:14:13","modified_gmt":"2009-08-16T07:14:13","slug":"linux-kernels-vulnerability-since-2001-and-still-working","status":"publish","type":"post","link":"https:\/\/deepquest.code511.com\/blog\/2009\/08\/linux-kernels-vulnerability-since-2001-and-still-working\/","title":{"rendered":"Linux Kernels vulnerability since 2001 (and still working)"},"content":{"rendered":"<pre>Nice work Linus on trying to silently fix an 8 year old vulnerability, leaving vendors without patched\r\nkernels for their users.\r\n\r\n<!--more--><object classid=\"clsid:d27cdb6e-ae6d-11cf-96b8-444553540000\" width=\"425\" height=\"350\" codebase=\"http:\/\/download.macromedia.com\/pub\/shockwave\/cabs\/flash\/swflash.cab#version=6,0,40,0\"><param name=\"src\" value=\"http:\/\/www.youtube.com\/v\/arAfIp7YzZ4\" \/><\/object>\r\n\r\n<a href=\"http:\/\/grsecurity.net\/~spender\/wunderbar_emporium.tgz\"> Vulnerability in Linux kernels since 2001.<\/a>\r\n\r\nExploits the vulnerability in all Linux kernels since 2001. 
Exploit works on all kernels since 2001.\r\nDisables SELinux, AppArmor, LSM -- you know the drill.\r\nThis exploit is a bit  be more interactive, involving a simulated Russian roulette\r\n(hence the video) where there would be a 1 in 6 chance of instead of the box being\r\ncompromised, it would hot reboot into FreeDOS.\r\nThe exploit works on 2.4, 2.6, x86, x64, 4k stacks, 8k stacks, with\/without cred framework,\r\nbypasses mmap_min_addr in any public way possible (auto-detecting which method to use).\r\nAs always, while in ring0 it provides the added convenience of disabling auditing,\r\nSELinux, AppArmor, and all other LSM modules.\u00a0 If SELinux is enforcing, it will also rewrite\r\nthe SELinux code to fool userland into thinking it remains in enforcing mode.\r\nfrom <a href=\"http:\/\/grsecurity.net\/~spender\/\" target=\"_blank\">Spender<\/a><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>vulnerability in all Linux kernels since 2001<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3],"tags":[2874,45,44],"class_list":["post-636","post","type-post","status-publish","format-standard","hentry","category-security","tag-exploit","tag-kernel","tag-linux"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4bBYZ-ag","_links":{"self":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/636","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-j
son\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/comments?post=636"}],"version-history":[{"count":6,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/636\/revisions"}],"predecessor-version":[{"id":641,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/636\/revisions\/641"}],"wp:attachment":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/media?parent=636"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/categories?post=636"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/tags?post=636"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}