165750 – Kernel: sys-kernel/hardened sources - privilege escalation (CVE-2007-0257)

Bug 165750 - Kernel: sys-kernel/hardened sources - privilege escalation (CVE-2007-0257)

Summary: Kernel: sys-kernel/hardened sources - privilege escalation (CVE-2007-0257)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://grsecurity.net/news.php#digita...
Whiteboard:	[hardened < 2.4.34] [hardened > 2.6 <...
Keywords:

Depends on:
Blocks:

Reported:	2007-02-07 11:58 UTC by Daniel Black (RETIRED)
Modified:	2009-07-14 07:02 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Black (RETIRED) gentoo-dev

2007-02-07 11:58:01 UTC

Upstream is erring on the side of caution though they say a resonable configuration should be protected.

Pappy's already added fixes.

Fixed in hardened-sources-2.4.34 and hardened-sources-2.6.19-r5

Comment 1 Gordon Malm (RETIRED) gentoo-dev

2008-03-03 10:22:09 UTC

This bug no longer applies to any hardened-sources in portage and should be closed.

Comment 2 kfm 2008-03-03 13:56:41 UTC

Good catch.

Comment 3 Bjoern Tropf (RETIRED) gentoo-dev

2009-07-12 19:40:57 UTC

CVE-2007-0257:
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code.