SHELLCODE Security Research <GoodFellas@shellcode.com.ar> sent the following to full disclosure -- Hello, The present document aims to demonstrate a design weakness found in the handling of simply linked lists used to register binary formats handled by Linux kernel, and affects all the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in kernel
SHELLCODE Security Research <GoodFellas@shellcode.com.ar> sent the following to full disclosure -- Hello, The present document aims to demonstrate a design weakness found in the handling of simply linked lists used to register binary formats handled by Linux kernel, and affects all the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in kernel space that can be used by malicious users to create infection tools, for example rootkits. POC, details and proposed solution at: English version: http://www.shellcode.com.ar/docz/binfmt-en.pdf Spanish version: http://www.shellcode.com.ar/docz/binfmt-es.pdf regards, -- SHELLCODE Security Research TEAM GoodFellas@shellcode.com.ar http://www.shellcode.com.ar -- I'm looking through the last weeks vulnerability reports atm., if we have missed one. I did not examine the paper, but it looks good enough to let some kernel guy have a look (and possibly dismiss it).
the paper is just fucking stupid ... the guys who wrote it need to be shot
this is a feature, not a bug
