|
PaX Suffers Critical Local Vulnerability... |
 |
 |
 |
|
Saturday, 05 March 2005 12:54 |
|
PaX a core component of grsecurity today had a vulnerability disclosed which has affects every version since September 2003 when vma mirroring was introduced.
According to the post made to the full disclosure mailing list (here) a vulnerability as been discovered in the PaX implementation. We at vdot took this with a pinch of salt initially. However on further investigation it would appear that its true, patches are availible here. From the site:NOTE: all versions for 2.2 before 2005.03.05 have a privilege elevation bug,
you must update as soon as possible.
Anyway patch patch patch... lets hope Microsoft didnt make such a mistake in their stack/heap protection mechanisms. Technical details are due for release to the daily-dave mailing list (here) early next week. |
|
Last Updated ( Thursday, 14 September 2006 21:31 )
|
