Re: Is Fedora, or Linux in general, vulnerable to a "paging exploit" like Vista appears to be?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



AFAIK, Linux drivers are in nonpaged kernel memory, so no matter how
much memory is allocated, they get to stay where they are.

Thanks,
	Jamie

On Thu, Oct 19, 2006 at 12:33:28PM -0700, Douglas Phillipson wrote:
> I just read a new exploit for Vista that in my mind could be plausible 
> for Linux also.  It involves forcing unused device drivers in memory to 
> be paged to disk by allocating gobs of memory, then a program finds the 
> area on the disk where the device driver code is and replaces it with 
> exploited code.  When the driver gets paged back into Kernel memory you 
> now have full access to the machine.  Could this happen to Linux? Can a 
> non-root or even a root owned process access the swap space.  Swap is a 
> file on Windows which probably makes it easier than Linux.  Swap on 
> Linux typically is a unformatted file system, but can be a file in the 
> file system if desired.  As I understand the exploit, Microsoft has 
> implemented a policy with Vista that only drivers "Signed" by Microsoft 
> can be installed on Vista.  This "Paging" exploit completely bypasses 
> this requirement, easily.
> 
> Here is the exploit presentation:
> 
> http://www.blackhat.com/presentations/bh-usa-06/BH-US-06-Rutkowska.pdf
> 
> DSP
> 
> -- 
> fedora-list mailing list
> [email protected]
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> 


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux