The rest of the vmsplice() exploit story
Posted Mar 6, 2008 20:05 UTC (Thu) by spender (guest, #23067)
In reply to: The rest of the vmsplice() exploit story by fuhchee
Parent article: The rest of the vmsplice() exploit story
The UDEREF feature of PaX prevents the kernel from accessing userland memory directly and has been doing so for 2 years now, close to a year before the vulnerability class ever became public. It makes use of segmentation on x86 to accomplish this, so due to Linus' rules it will never be accepted into the mainline kernel.
-Brad
Posted Mar 6, 2008 20:11 UTC (Thu) by spender (guest, #23067)
If you're interested, I had posted this information earlier regarding UDEREF to some mailing lists, courtesy of the PaX Team:
http://grsecurity.net/~spender/uderef.txt
-Brad