Could it be that /proc/self/mem is also not writable in alpine?
On Fri Oct 21 11:23:40 2016 GMT+0200, Kevin M. Gallagher wrote:
> I just tried to execute the proof-of-concept on Alpine, and it didn't work> (the file is supposed to be overwritten). No grsec messages logged, but I> figure maybe it's not effective under grsecurity for some reason. Still a> good idea to patch anyway...> > On Fri, Oct 21, 2016 at 1:50 AM, Kevin M. Gallagher <> kevingallagher@gmail.com> wrote:> > > Great to hear. Thanks a lot, Natanael!> >> > On Fri, Oct 21, 2016 at 1:38 AM, Natanael Copa <ncopa@alpinelinux.org>> > wrote:> >> >> On Thu, 20 Oct 2016 21:53:03 -0700> >> "Kevin M. Gallagher" <kevingallagher@gmail.com> wrote:> >>> >> > Details:> >> >> >> > http://dirtycow.ninja/> >> > https://lkml.org/lkml/2016/10/19/860> >> >> >> > Proof of concept:> >> > https://github.com/dirtycow/dirtycow.github.io/blob/master/dirtyc0w.c> >> >> >> > I'm using Alpine Linux for a time-urgent and security-critical project> >> > happening this weekend, and would really like to see this fixed.> >> However,> >> > I'm not familiar with aports or the way you build kernels in Alpine. Is> >> > anyone available to update the kernel in linux-grsec in the 3.4-stable> >> > branch and/or backport the patch, sometime soon?> >>> >> Yes. Updated kernels will be available with an hour or two. At least> >> for edge and v3.4.> >>> >> -nc> >>> >> >>
Re: [alpine-devel] CVE-2016-5195: Local privilege escalation exploit in Linux kernel
Same deal on non-Alpine grsec. Think it's cause of grsec /proc
restrictions in general, but I don't know a ton about the memory subsystem.
On 10/21/2016 03:00 AM, 7heo wrote:
> Could it be that /proc/self/mem is also not writable in alpine?>> On Fri Oct 21 11:23:40 2016 GMT+0200, Kevin M. Gallagher wrote:>> I just tried to execute the proof-of-concept on Alpine, and it didn't work>> (the file is supposed to be overwritten). No grsec messages logged, but I>> figure maybe it's not effective under grsecurity for some reason. Still a>> good idea to patch anyway...>>>> On Fri, Oct 21, 2016 at 1:50 AM, Kevin M. Gallagher <>> kevingallagher@gmail.com> wrote:>>>>> Great to hear. Thanks a lot, Natanael!>>>>>> On Fri, Oct 21, 2016 at 1:38 AM, Natanael Copa <ncopa@alpinelinux.org>>>> wrote:>>>>>>> On Thu, 20 Oct 2016 21:53:03 -0700>>>> "Kevin M. Gallagher" <kevingallagher@gmail.com> wrote:>>>>>>>>> Details:>>>>>>>>>> http://dirtycow.ninja/>>>>> https://lkml.org/lkml/2016/10/19/860>>>>>>>>>> Proof of concept:>>>>> https://github.com/dirtycow/dirtycow.github.io/blob/master/dirtyc0w.c>>>>>>>>>> I'm using Alpine Linux for a time-urgent and security-critical project>>>>> happening this weekend, and would really like to see this fixed.>>>> However,>>>>> I'm not familiar with aports or the way you build kernels in Alpine. Is>>>>> anyone available to update the kernel in linux-grsec in the 3.4-stable>>>>> branch and/or backport the patch, sometime soon?>>>> Yes. Updated kernels will be available with an hour or two. At least>>>> for edge and v3.4.>>>>>>>> -nc>>>>>>>> >
Re: [alpine-devel] CVE-2016-5195: Local privilege escalation exploit in Linux kernel
Okay, an update. It turns out grsecurity is definitely vulnerable to the
flaw, it's just a poor proof-of-concept that would work w/ modifications in
order to hit that race more reliably. Glad you guys patched.
Thanks for expediting.
On Oct 21, 2016 3:02 AM, "Kevin Gallagher" <kevingallagher@gmail.com> wrote:
> Same deal on non-Alpine grsec. Think it's cause of grsec /proc> restrictions in general, but I don't know a ton about the memory subsystem.>> On 10/21/2016 03:00 AM, 7heo wrote:>> Could it be that /proc/self/mem is also not writable in alpine?>> On Fri Oct 21 11:23:40 2016 GMT+0200, Kevin M. Gallagher wrote:>> I just tried to execute the proof-of-concept on Alpine, and it didn't work> (the file is supposed to be overwritten). No grsec messages logged, but I> figure maybe it's not effective under grsecurity for some reason. Still a> good idea to patch anyway...>> On Fri, Oct 21, 2016 at 1:50 AM, Kevin M. Gallagher <kevingallagher@gmail.com> wrote:>>> Great to hear. Thanks a lot, Natanael!>> On Fri, Oct 21, 2016 at 1:38 AM, Natanael Copa <ncopa@alpinelinux.org> <ncopa@alpinelinux.org>> wrote:>>> On Thu, 20 Oct 2016 21:53:03 -0700> "Kevin M. Gallagher" <kevingallagher@gmail.com> <kevingallagher@gmail.com> wrote:>>> Details:> http://dirtycow.ninja/https://lkml.org/lkml/2016/10/19/860>> Proof of concept:https://github.com/dirtycow/dirtycow.github.io/blob/master/dirtyc0w.c>> I'm using Alpine Linux for a time-urgent and security-critical project> happening this weekend, and would really like to see this fixed.>> However,>> I'm not familiar with aports or the way you build kernels in Alpine. Is> anyone available to update the kernel in linux-grsec in the 3.4-stable> branch and/or backport the patch, sometime soon?>>> Yes. Updated kernels will be available with an hour or two. At least> for edge and v3.4.>> -nc>>>> >>>>