Zack's Kernel News

Kernel News

Article from Issue 237/2020
Author(s):

Zack covers: When a Security Hole Is OK; Kernel Documentation Updates; and Security Through Obscurity

When a Security Hole Is OK

Eric W. Biederman recently posted a patch to replace a 32-bit counter with a 64-bit counter. This would fix the problem that, as he put it, "With care an attacker can cause exec_id wrap and send arbitrary signals to a newly exec'd parent."

He added that he had tested this hole and found that he could wrap the 32-bit exec_id and exploit the problem in two weeks. Faster systems, of course, could do it more quickly.

However, Eric did acknowledge that on 32-bit CPUs, "reading self_exec_id is no longer atomic and can take two read instructions." This meant that on 32-bit systems there would be a microscopic window of time when the actual self_exec_id value would not match the value being read by the code. During that time, he said, this security hole remained exploitable.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Kernel News

    Chronicler Zack Brown reports on the NOVA filesystem, making system calls userspace only, and extending module support to plain executables. 

  • Kernel News

    Zack Brown reports on: Trusted Computing and Linux; Load Balancer Improvements; and New Random Number Handling.

  • Linus Torvalds Invites Attackers to Join the Kernel Community

    He wants attackers to join the community instead of attacking the code.

  • Kernel News

    Chronicler Zack Brown reports on the latest news, views, dilemmas, and developments within the Linux kernel community.

  • Kernel News

    Chronicler Zack Brown reports on the latest news, views, dilemmas, and developments within the Linux kernel community.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News