Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Just from looking at the code, this exploit works only for 32 bit machines, all 64 bit installations should be fine.


Can you back that up? The exploit states x86_64, and even if there is only an x86 exploit published, it's likely the same vulnerability is present on an x86_64 kernel (in general).

Lack of exploit code doesn't imply a lack of vulnerability :)


I mean, the fix consists in making sure that attr.config has all the 64 bits cleared - on the 64 bit machines, int is 64bit, so u64 == int, and all the bits are correctly handled. on 32 bit machines, int is 32bit, and the top 32 bit of attr.config is not cleared.

I may be wrong though, as I didn't scan through all the affected code.


It's not that hard to port it to 32 bits, just hang on week or two. I'm just too lazy.

IGjDf1e4eQxWyBFArYM8HgvCuns6p+GbfHoE3SPxYV59kXnA12BWdMr6D5eAAFgtBSX+/Yi+vLxMmEiszkwHLCA=


Hahaha. Love that you signed your message with your 'jewgold' address. Nice 0day.


Me too. I love latent antisemitism.


The goto and labels stick out like coal in a pile of gold.


Duly noted. Will attempt to obfuscate using longjmp next time.


No, int is the same size on 32-bit and 64-bit Linux: sizeof(int) == 4 sizeof(long) == 4 (32-bit), 8 (64-bit) sizeof(long long) == 8


I learn something every day, thank you !


I just ran the exploit on a 64bit machine and it worked as expected, I got root privileges.


I just tried it on a 64bit machine and it works.


http://en.wikipedia.org/wiki/64-bit_computing#64-bit_data_mo...


Wrong -- works on x86_64 Debian.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: