Slashdot Mirror


No ELF Vulnerability in 2.6 Kernel

gaijincory writes "Greg KH, the co-maintainer of the 2.6 kernel, has posted a comment on lwn.net confirming that there is indeed no such ELF vulnerability as spelled out by Paul Starzetz on isec. The bug was originally thought to be particularly nasty, allowing a malicious user to gain elevated privileges using a carefully crafted binary which would exploit the kernel's Executable and Linking Format. The bug's author confirmed that no one has been able to repro the exploit."

4 of 86 comments

  1. Oh _that_ makes sense by /ASCII · · Score: 5, Interesting

    I saw this story on OSnews today, but they made it out to be about the Hyperthreading issue. But that didn't make any sense since that is not an OS bug at all, but a hardware issue. (If it is even an issue.)

    --
    Try out fish, the friendly interactive shell.
  2. The bug's author? by Looke · · Score: 5, Funny
    Who's "the bug's author"? He who discovered it or he who wrote the code?

    "I'm a bug author. Today I've written five bugs!" Sounds like a nice career choice ...

  3. Re:No ELF vulnerability eh? by mikrorechner · · Score: 5, Informative


    Just FYI:
    DWARF (Debug With Arbitrary Record Format) is a format for debugging information for ELF files.

    (Yes, I know the parent is joking.)

    --
    "Oh, a lesson in not changing history from Mr I'm-my-own-Grandpa." - Dr Hubert Farnsworth
  4. Many Exploits don't work as advertised by HidingMyName · · Score: 5, Informative
    Our research group works in intrusion detection. As part of our research we wanted to generate host based intrusions in a Linux environment (Linux 2.6.2 kernel running on Fedora Core 2 without security patches applied).

    We found that almost all the exploits we tried did not work as advertised. Yet the security advisory lists blindly post these as if they work. While the design/implementation issues may be present in a range of kernels, I'm beginning to think that these exploits are not vetted, and that the exploit writers look for a possible weakness and publish a piece of software that sort of pokes at it and claim success. It is very frustrating, since if the vulnerability can be exploited, a bogus exploit gives a false sense of security (since you can't compromise the system using it).