2.6.31.6 and kernel null pointer (CVE-2009-3547)

Discuss and suggest new grsecurity features

2.6.31.6 and kernel null pointer (CVE-2009-3547)

Postby hanno » Tue Nov 10, 2009 9:18 am

Linux kernel 2.6.31.6 has been released. It seems they've implemented a different fix for CVE-2009-3547 than the one spender implemented in the grsecurity-patch.

Brad, can you please verify if the kernel's fix also resolves the issue? (and btw give us an updated patch for 2.6.31.6 ;-)
hanno
 
Posts: 26
Joined: Thu Dec 16, 2004 4:37 am

Re: 2.6.31.6 and kernel null pointer (CVE-2009-3547)

Postby spender » Tue Nov 10, 2009 10:25 am

It's the same base fix, the PaX team just added some extra parts to it. The PaX team will have an updated patch soon fixing some of the bugs discussed here on the forums, and I'll release my updated 2.6.31.6 patch then (with the RBAC bugfix from the forums).

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm


Return to grsecurity development