Linux kernel 2.6.27 exploits

from blog tail -f /var/log/messages | grep vegard, | ↗ original
I found two exploits of the Linux kernel back in January.The first one is a crash in inotify, where a locking imbalance would unlock the inotify mutex twice before returning to userspace. It happens only if the buffer passed to read() was an invalid userspace address. It's fixed in mainline and went into -stable last month (if I recall...
This is a short summary. ↗ Open original to view full content

Related

Two Memory Bugs From Ringbahn
Without boats, dreams dry up | original ↗
On reference-counting and leaks
baby steps | original ↗
0032: undroppable tombstones, forest fuzzer, manifest race, hash_log, zig coercions, zig pointer hops, zig object notation, domain knowledge, built from broken, database internals, papers
Scattered Thoughts | original ↗
0007: yet more internal consistency, re: how safe is zig, async performance, local-first software, fuzzers and emulators, deterministic hardware counters, zig goto
Scattered Thoughts | original ↗
Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty
Blog | Sam Curry | original ↗
A couple ideas that went nowhere
Push the Red Button | original ↗
Debugging a kernel crash found by syzkaller
tail -f /var/log/messages | grep vegard | original ↗
Fixing a memory leak of xmlEntityPtr in librsvg
Federico's Blog | original ↗
Remap the Kernel
Writing an OS in Rust | original ↗
Entering Long Mode
Writing an OS in Rust | original ↗

More from tail -f /var/log/messages | grep vegard

Stigmergy in programming
7 Jul 2022 | original ↗

Ants are known to leave invisible pheromones on their paths in order to inform both themselves and their fellow ants where to go to find food or signal that a path leads to danger. In biology, this phenomenon is known as stigmergy: the act of modifying your environment to manipulate the future behaviour of yourself or others. From the Wikipedia...

Using C-Reduce to debug LaTeX errors
13 Dec 2021 | original ↗

My wife is currently writing her HDR thesis (in France, this is an "accreditation to supervise research"). As part of this, she asked me if it would be possible to split her bibliography into two parts: one containing her own publications and another for the rest of her references. After a tiny bit of searching, I found this stackoverflow answer:...

Compiler fuzzing, part 1
25 Jun 2018 | original ↗

Much has been written about fuzzing compilers already, but there is not a lot that I could find about fuzzing compilers using more modern fuzzing techniques where coverage information is fed back into the fuzzer to find more bugs. If you know me at all, you know I'll throw anything I can get my hands on at AFL. So I tried gcc. (And clang, and...

Writing a reverb filter from first principles
26 Mar 2017 | original ↗

WARNING/DISCLAIMER: Audio programming always carries the risk of damaging your speakers and/or your ears if you make a mistake. Therefore, remember to always turn down the volume completely before and after testing your program. And whatever you do, don't use headphones or earphones. I take no responsibility for damage that may occur as a result...

Fuzzing the OpenSSH daemon using AFL
26 Mar 2017 | original ↗

(EDIT 2017-03-25: All my patches to make OpenSSH more amenable to fuzzing with AFL are available at https://github.com/vegard/openssh-portable. This also includes improvements to the patches found in this post.)American Fuzzy Lop is a great tool. It does take a little bit of extra setup and tweaking if you want to go into advanced usage, but...