Re: Is Fedora, or Linux in general, vulnerable to a "paging exploit" like Vista appears to be?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


AFAIK, Linux drivers are in nonpaged kernel memory, so no matter how
much memory is allocated, they get to stay where they are.


On Thu, Oct 19, 2006 at 12:33:28PM -0700, Douglas Phillipson wrote:
> I just read a new exploit for Vista that in my mind could be plausible 
> for Linux also.  It involves forcing unused device drivers in memory to 
> be paged to disk by allocating gobs of memory, then a program finds the 
> area on the disk where the device driver code is and replaces it with 
> exploited code.  When the driver gets paged back into Kernel memory you 
> now have full access to the machine.  Could this happen to Linux? Can a 
> non-root or even a root owned process access the swap space.  Swap is a 
> file on Windows which probably makes it easier than Linux.  Swap on 
> Linux typically is a unformatted file system, but can be a file in the 
> file system if desired.  As I understand the exploit, Microsoft has 
> implemented a policy with Vista that only drivers "Signed" by Microsoft 
> can be installed on Vista.  This "Paging" exploit completely bypasses 
> this requirement, easily.
> Here is the exploit presentation:
> -- 
> fedora-list mailing list
> [email protected]
> To unsubscribe:

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux