Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and previous versions allows local users to gain root privileges.
Several local root exploits have been discovered recently in the Linux
kernel. This security advisory updates the hppa kernel 2.4.17 for
Debian GNU/Linux. The Common Vulnerabilities and Exposures project
identifies the following problems that are fixed with this update:
CAN-2003-0961:
An integer overflow in brk() system call (do_brk() function) ...
Several local root exploits have been discovered recently in the Linux
kernel. This security advisory updates the mips kernel 2.4.19 for
Debian GNU/Linux. The Common Vulnerabilities and Exposures project
identifies the following problems that are fixed with this update:
CAN-2003-0961:
An integer overflow in brk() system call (do_brk() function) ...
Several local root exploits have been discovered recently in the Linux
kernel. This security advisory updates the PA-RISC kernel 2.4.18 for
Debian GNU/Linux. The Common Vulnerabilities and Exposures project
identifies the following problems that are fixed with this update:
CAN-2003-0961:
An integer overflow in brk() system call (do_brk() functi ...
Paul Starzetz discovered a flaw in bounds checking in mremap() in the
Linux kernel (present in version 2.4.x and 2.6.x) which may allow a
local attacker to gain root privileges. Version 2.2 is not affected
by this bug.
Andrew Morton discovered a missing boundary check for the brk system
call which can be used to craft a local root exploit.
For the ...
Red Hat and SuSE kernel and security teams revealed an integer overflow
in the do_brk() function of the Linux kernel that allows local users to
gain root privileges.
For the stable distribution (woody) this problem has been fixed in
version 2417-00202262woody4. Other architectures are already or
will be fixed separately.
For the unstable distributi ...
The IA-64 maintainers fixed several security related bugs in the Linux
kernel 2.4.17 used for the IA-64 architecture, mostly by backporting
fixes from 2.4.18. The corrections are listed below with the
identification from the Common Vulnerabilities and Exposures (CVE)
project:
CAN-2003-0001:
Multiple ethernet network interface card (NIC) device ...
Several security related problems have been fixed in the Linux kernel
2.4.17 used for the S/390 architecture, mostly by backporting fixes
from 2.4.18 and incorporating recent security fixes. The corrections
are listed below with the identification from the Common
Vulnerabilities and Exposures (CVE) project:
CVE-2002-0429:
The iBCS routines in a ...
Recently multiple servers of the Debian project were compromised using a
Debian developers account and an unknown root exploit. Forensics
revealed a burneye encrypted exploit. Robert van der Meulen managed to
decrypt the binary which revealed a kernel exploit. Study of the exploit
by the Red Hat and SuSE kernel and security teams quickly revealed t ...
Several local root exploits have been discovered recently in the Linux
kernel. This security advisory updates the PowerPC/Apus kernel for
Debian GNU/Linux. The Common Vulnerabilities and Exposures project
identifies the following problems that are fixed with this update:
CAN-2003-0961:
An integer overflow in brk() system call (do_brk() function ...
/*
* hatorihanzo.c
* Linux kernel do_brk vma overflow exploit
*
* The bug was found by Paul (IhaQueR) Starzetz <paul@isec.pl>
*
* Further research and exploit development by
* Wojciech Purczynski <cliph@isec.pl> and Paul Starzetz
*
* (c) 2003 Copyright by IhaQueR and cliph. All Rights Reserved.
*
* COPYING, PRINTING, DISTRIBUTION, MOD ...
; E-DB Note: Updated Exploit ~ www.exploit-db.com/exploits/131/
;
; Christophe Devine (devine at cr0.net) and Julien Tinnes (julien at cr0.org)
;
; This exploit uses sys_brk directly to expand his break and doesn't rely
; on the ELF loader to do it
;
; To bypass a check in sys_brk against available memory, we use a high
; virtual address a ...