You are not logged in.
Pages: 1
http://linuxreviews.org/news/2004-06-11 … index.html
A bug lets a simple C program crash the kernel, effectively locking the whole system. Affects both 2.4.2x and 2.6.x kernels on the x86 architecture.
...
This bug is confirmed to be present when the code is compiled with GCC version 3.0, 3.1, 3.2, 3.3 and 3.3.2 and used on Linux kernel versions 2.4.2x and 2.6.x x86 systems.
...
Using this exploit to crash Linux systems requires the (ab)user to have shell access. The program works on any normal user account, root access is not required.
Can anyone confirm GCC 3.4 ?
Application of abstract techniques and utilities to solving a particular business problem is NOT a patentable idea. It is a fundamental concept of the IT industry.
Offline
I dunno for gcc 3.4, but anyway it is noting very dangerous because you need local acces to do it.
So if some bad guy or girl has already gained local access it already can do a muc more damage without any need to use this trick.
For sure it is a vulnerability and need to be fixed, so stay tuned for next kernel update.
Offline
Linux andromeda 2.6.6-cko1 #5 Mon Jun 7 19:45:40 CEST 2004 i686 unknown unknown GNU/Linux
compiled with gcc 3.4.0.
I had to do a reboot....... :oops:
Offline
user to have shell access or other means of uploading and running the program
For me that's local access, when a user can login in a shell and/or upload files and execute this is local acces.
That's why I say that once a bad guy has this kind of access 10 code line of C is the last of your problem.
Offline
It's fixed in 2.6.7.
I upgraded an hour ago... sofar everything seems fine.
Application of abstract techniques and utilities to solving a particular business problem is NOT a patentable idea. It is a fundamental concept of the IT industry.
Offline
Pages: 1