Difference between revisions of "Posix spawn kernel information leak"

Revision as of 19:11, 4 January 2014

Vulnerability used in p0sixspwn

Vulnerability

There is a vulnerability in the method posix_spawn() in the XNU kernel. When it is used with the flag _POSIX_SPAWN_DISABLE_ASLR, it disables ASLR for the process running. On x86_64 processes it also disables heap randomization. Furthermore the flag _POSIX_SPAWN_ALLOW_DATA_EXEC enables execution on the heap

Credit

I0n1c

Links

Writeup by i0n1c p. 4 ff.

Revision as of 19:10, 4 January 2014 (view source) Ra1ningSn0w (talk \| contribs) ← Older edit		Revision as of 19:11, 4 January 2014 (view source) Ra1ningSn0w (talk \| contribs) Newer edit →
Line 1:		Line 1:
		+	Vulnerability used in [[p0sixspwn]]
		+
	== '''Vulnerability''' ==		== '''Vulnerability''' ==

Difference between revisions of "Posix spawn kernel information leak"

Revision as of 19:11, 4 January 2014

Vulnerability

Credit

Links

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Miscellaneous

Tools