PaX privilege elevation security bug

Robert Connolly robert at linuxfromscratch.org
Mon Mar 7 09:38:52 PST 2005


On March 7, 2005 10:06 am, pinotj at club-internet.fr wrote:
> >it seems that there is a critical bug in PaX.
> >Here is the posting from the Full Disclosure list:
> >
> >http://seclists.org/lists/fulldisclosure/2005/Mar/0211.html
> >
> >	Timo
>
> The grsecurity team did an update to their patch in the same time:
> http://www.grsecurity.net/news.php#grsec212
>
> The question is about keeping PaX in hlfs

Its a local vulnerability. Everyone is encouraged to upgrade, its available 
for 2.6.11 I think. I'm waiting for 2.6.11 sterilized headers before 
upgrading the book.

As for keeping PaX. I'm sure we're better off with it than without it, even 
with occasional vulnerabilities. This one was found by the developers before 
anyone was exploited.

robert



More information about the hlfs-dev mailing list