Confusion about alleged exploits for Linux security extensions Grsecurity-PaX
Security service provider Digital Armaments has reported two alleged security holes in the PaX component of the Grsecurity extension for the Linux kernel. A preliminary advisory states that the expand_stack() function contains a vulnerability that local users could exploit to inject arbitrary malicious code into the kernel. The advisory does not provide any other details to clear up the matter. Rather, these details are to be provided in a final advisory in six months. In addition, one of the service provider's news sites speaks of a hole in Grsecurity that can be exploited over networks.
|
|
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.