oss-sec mailing list archives
Re: CVE-2014-4699: Linux ptrace bug
From: Solar Designer <solar () openwall com>
Date: Sun, 6 Jul 2014 00:36:27 +0400
On Sat, Jul 05, 2014 at 10:25:50PM +0200, Yves-Alexis Perez wrote:
On dim., 2014-07-06 at 00:20 +0400, Solar Designer wrote:On Sat, Jul 05, 2014 at 09:58:15PM +0200, Yves-Alexis Perez wrote:And the system is usable after that.Yet both are vulnerable, with privilege escalation likely possible.Yes, sorry if my initial answer was suggesting the kernels were not vulnerable.
No, I was just clarifying for others. You do actually have all kernels listed as vulnerable here: https://security-tracker.debian.org/tracker/CVE-2014-4699
It was just that we didn't managed to make them crash on the few boxes we tried on.
I think the "Kernel panic - not syncing: Machine halted" is actually unexpected. The PoC isn't meant to crash the machine, although as we've seen it might. It's meant to test whether the issue is triggerable, and if it is we should assume that a real exploit may do more (including both DoS and privilege escalation). Alexander
Current thread:
- CVE-2014-4699: Linux ptrace bug Andy Lutomirski (Jul 04)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 04)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 05)
- Re: CVE-2014-4699: Linux ptrace bug Yves-Alexis Perez (Jul 05)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 05)
- Re: CVE-2014-4699: Linux ptrace bug Yves-Alexis Perez (Jul 05)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 05)
- Re: CVE-2014-4699: Linux ptrace bug Yves-Alexis Perez (Jul 05)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 05)
- Re: CVE-2014-4699: Linux ptrace bug Yves-Alexis Perez (Jul 05)
- Re: CVE-2014-4699: Linux ptrace bug Andy Lutomirski (Jul 08)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 08)
- Re: CVE-2014-4699: Linux ptrace bug Marc Deslauriers (Jul 05)
- Re: CVE-2014-4699: Linux ptrace bug John Johansen (Jul 06)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 06)
- Re: CVE-2014-4699: Linux ptrace bug John Johansen (Jul 06)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 08)