http://blogs.mcafee.com/mcafee-labs/analyzing-the-linux-kernel-vmsplice-exploit Tue, 29 Nov 2011 07:51:20 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://blogs.mcafee.com/mcafee-labs/analyzing-the-linux-kernel-vmsplice-exploit/comment-page-1#comment-14619 luky Sun, 16 Mar 2008 00:02:32 +0000 http://blogs.mcafee.com/2008/02/13/analyzing-the-linux-kernel-vmsplice-exploit/#comment-14619 [3] it does work on 64 bit kernels [3] it does work on 64 bit kernels

]]> http://blogs.mcafee.com/mcafee-labs/analyzing-the-linux-kernel-vmsplice-exploit/comment-page-1#comment-14618 PaX Team Thu, 14 Feb 2008 22:34:51 +0000 http://blogs.mcafee.com/2008/02/13/analyzing-the-linux-kernel-vmsplice-exploit/#comment-14618 plen is PAGE_SIZE not 0, that's why the exploit as it is doesn't work on 64 bit kernels nor would mmap_min_addr be able to prevent exploitation there (it's not a NULL deref there). plen is PAGE_SIZE not 0, that’s why the exploit as it is doesn’t work on 64 bit kernels nor would mmap_min_addr be able to prevent exploitation there (it’s not a NULL deref there).

]]> http://blogs.mcafee.com/mcafee-labs/analyzing-the-linux-kernel-vmsplice-exploit/comment-page-1#comment-14617 James Morris Thu, 14 Feb 2008 14:05:25 +0000 http://blogs.mcafee.com/2008/02/13/analyzing-the-linux-kernel-vmsplice-exploit/#comment-14617 The protection should also work without SELinux compiled in, as the dummy hook checks mmap_min_addr, right ? The protection should also work without SELinux compiled in, as the dummy hook checks mmap_min_addr, right ?

]]> http://blogs.mcafee.com/mcafee-labs/analyzing-the-linux-kernel-vmsplice-exploit/comment-page-1#comment-14616 b00L3an Thu, 14 Feb 2008 07:03:26 +0000 http://blogs.mcafee.com/2008/02/13/analyzing-the-linux-kernel-vmsplice-exploit/#comment-14616 excellent ! would like to see more linux exploit analysis. excellent ! would like to see more linux exploit analysis.

]]>