
A Security bug in Linux kernel

September 15, 2009

My morning started as usual: woke up at 7:30, turned the PC on, went to the kitchen to bring some food and make coffee, then back to the PC to check emails, Facebook, forums, and RSS. One of the news reports was about a Linux kernel bug that existed for about eight years! Can you imagine it?

So in short:

The Linux kernel implements many socket types. Each socket carries a pointer to a struct proto_ops, which is essentially a table of function pointers to that protocol's implementation of bind, accept, sendpage and so on. A protocol that does not implement one of these operations is supposed to fill the slot with a pointer to a generic stub (the kernel's sock_no_* functions) rather than leave it NULL. Even where a slot was left NULL, most places in the kernel that dispatch through the table check the pointer before calling it.

So where is the bug? In sock_sendpage(). That function calls sock->ops->sendpage directly, without checking it, and for some protocols that slot was left NULL, so the kernel ends up making an indirect call through a NULL pointer. sock_sendpage() is the socket-side target of sendfile(), so the trigger is an ordinary system call from unprivileged code. If the attacker can also map page zero (virtual address 0) in the process and place code there, the kernel jumps to that code in SUPERVISOR mode! The vm.mmap_min_addr sysctl exists to forbid unprivileged processes from mapping that low address, which is the practical mitigation until the kernel is patched.
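To make the shape of the bug concrete, here is a user-space model of the dispatch pattern described above. It is an added example written for this post, not kernel code: the names sock_ops, my_socket, tcp_like_ops, legacy_ops and stub_sendpage are stand-ins, and the stub simply returning -EINVAL is an assumption (the kernel's real sock_no_sendpage falls back to a sendmsg-based path). It shows the unchecked dispatch beside the checked one and a small audit helper that counts NULL slots in an ops table.

```c
/* Added example (not from the original post): a user-space model of the
 * proto_ops dispatch bug. sock_ops, my_socket, stub_sendpage and the
 * protocol tables below are illustrative assumptions, not kernel definitions. */
#include <stddef.h>
#include <stdio.h>
#include <errno.h>

struct my_socket;
struct page { const char *data; };

/* Model of struct proto_ops: a table of function pointers. The kernel's
 * table also carries family/owner fields; only the pointers matter here. */
struct sock_ops {
    int (*bind)(struct my_socket *s, const char *addr);
    int (*sendpage)(struct my_socket *s, struct page *pg, int off, size_t len);
};

struct my_socket {
    const char *name;
    const struct sock_ops *ops;
    size_t bytes_sent;
};

/* A protocol that does implement sendpage. */
static int tcp_like_sendpage(struct my_socket *s, struct page *pg, int off, size_t len)
{
    (void)pg; (void)off;
    s->bytes_sent += len;
    return (int)len;
}

static int generic_bind(struct my_socket *s, const char *addr)
{
    (void)s; (void)addr;
    return 0;
}

/* Stand-in for the kernel's sock_no_sendpage() stub. Assumption: it just
 * refuses with -EINVAL; the real stub goes through a sendmsg-based path. */
static int stub_sendpage(struct my_socket *s, struct page *pg, int off, size_t len)
{
    (void)s; (void)pg; (void)off; (void)len;
    return -EINVAL;
}

static const struct sock_ops tcp_like_ops = { generic_bind, tcp_like_sendpage };

/* A protocol that never filled in sendpage: the slot is NULL, as it was for
 * several address families in the affected kernels. */
static const struct sock_ops legacy_ops = { generic_bind, NULL };

/* Vulnerable shape: trust the table blindly. With legacy_ops this is an
 * indirect call through NULL, i.e. a jump to address 0; inside the kernel
 * that jump runs in supervisor mode. Never call this with legacy_ops. */
static int vulnerable_sendpage(struct my_socket *s, struct page *pg, int off, size_t len)
{
    return s->ops->sendpage(s, pg, off, len);
}

/* Fixed shape: check the slot and fall back to the stub instead of
 * dereferencing NULL. */
static int safe_sendpage(struct my_socket *s, struct page *pg, int off, size_t len)
{
    if (s->ops->sendpage)
        return s->ops->sendpage(s, pg, off, len);
    return stub_sendpage(s, pg, off, len);
}

/* Audit helper: count NULL slots in an ops table, which is what a reviewer
 * would sweep for across every protocol's table after a bug like this. */
static int count_null_ops(const struct sock_ops *ops)
{
    int n = 0;
    if (!ops->bind) n++;
    if (!ops->sendpage) n++;
    return n;
}

int main(void)
{
    struct page pg = { "constructed payload" };           /* constructed input */
    struct my_socket tcp = { "tcp-like", &tcp_like_ops, 0 };
    struct my_socket legacy = { "legacy", &legacy_ops, 0 };

    printf("tcp-like, unchecked dispatch: %d\n", vulnerable_sendpage(&tcp, &pg, 0, 5));
    printf("legacy, checked dispatch:     %d (NULL slots in table: %d)\n",
           safe_sendpage(&legacy, &pg, 0, 5), count_null_ops(&legacy_ops));
    /* vulnerable_sendpage(&legacy, ...) would crash here: a call through NULL. */
    return 0;
}
```

The point of the audit helper is that the fix is not only the one missing check: every dispatcher that reads a slot from the table is a candidate, and every table with a NULL slot is a candidate target, so both sides need sweeping.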

I haven’t heard about any patch yet, but I’m sure that there will be one soon.
