No ELF Vulnerability in 2.6 Kernel
gaijincory writes "Greg KH, the co-maintainer of the 2.6 kernel has posted a comment on lwn.net confirming that there is indeed no such ELF vulnerability as spelled out by Paul Starzetz on isec. The bug was originally thought to be particularly nasty, allowing a malicious user to gain elevated privileges using a carefully crafted binary which would exploit the kernel's Executable and Linking Format. The bug's author confirmed that no one has been able to repro the exploit."
Just FYI:
DWARF (Debug With Arbitrary Record Format) is a format for debugging information for ELF files.
(Yes, I know the parent is joking.)
"Oh, a lesson in not changing history from Mr I'm-my-own-Grandpa." - Dr Hubert Farnsworth
We found that almost all the exploits we tried did not work as advertised. Yet the security advisory lists blindly post these as if they work. While the design/implementation issues may be present in a range of kernels, I'm beginning to think that these exploits are not vetted, and that the exploit writers look for a possible weakness and publish a piece of software that sort of pokes at it and claim success. It is very frustrating, since if the vulnerability can be exploited, a bogus exploit gives a false sense of security (since you can't compromise the system using it).
Probably not this bug, anyway. 2.4.21 is extremely old (will be 2 years old in two weeks time), and has a number of other vulnerabilities (including several other elf bugs). Step into 2005, upgrade to 2.4.30 :-)
Do NOT do this. The first 512 bytes of a hard drive make up the boot sector of the drive. If you do what he showed you, it will overwrite the boot sector of the hard drive in question (in this case /dev/hda, the master and first hard drive on the first IDE channel). This would make the computer unbootable!
- d
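As an added illustration (not code from the thread above), a small Python parser for the 512-byte MBR boot sector the comment describes: it checks the 0x55 0xAA boot signature and reads the four partition-table entries. The sample sector is constructed inline, and a zero-filled sector shows what an overwrite of those first 512 bytes leaves behind.

```python
"""Parse and sanity-check a 512-byte MBR boot sector (read-only)."""
import struct

SECTOR_SIZE = 512
PART_TABLE_OFFSET = 446   # four 16-byte partition entries start here
PART_ENTRY_SIZE = 16
BOOT_SIG_OFFSET = 510     # bytes 510..511 must be 0x55 0xAA


def parse_mbr(sector: bytes) -> dict:
    """Return signature validity and the four partition entries of an MBR."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    # Little-endian u16 at offset 510: 0x55 0xAA reads as 0xAA55.
    sig = struct.unpack_from("<H", sector, BOOT_SIG_OFFSET)[0]
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFFSET + i * PART_ENTRY_SIZE
        # status(1) CHS-start(3) type(1) CHS-end(3) LBA-start(4) sectors(4)
        status, ptype, lba_start, sectors = struct.unpack_from(
            "<B3xB3xII", sector, off)
        partitions.append({"bootable": status == 0x80, "type": ptype,
                           "lba_start": lba_start, "sectors": sectors})
    return {"valid_signature": sig == 0xAA55, "partitions": partitions}


def make_sample_mbr() -> bytes:
    """Constructed sample: empty boot code, one bootable Linux (0x83) partition."""
    sector = bytearray(SECTOR_SIZE)
    entry = struct.pack("<B3xB3xII", 0x80, 0x83, 2048, 204800)
    sector[PART_TABLE_OFFSET:PART_TABLE_OFFSET + PART_ENTRY_SIZE] = entry
    sector[BOOT_SIG_OFFSET:BOOT_SIG_OFFSET + 2] = b"\x55\xAA"
    return bytes(sector)


def simulate_overwrite() -> dict:
    """What the BIOS would find after the first 512 bytes are zeroed."""
    return parse_mbr(bytes(SECTOR_SIZE))


if __name__ == "__main__":
    print("intact :", parse_mbr(make_sample_mbr()))
    print("zeroed :", simulate_overwrite())
```

The same parser can be run over a backup taken with a read-only copy of a disk's first sector to confirm the backup is a plausible MBR before it is ever relied on.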