Exploit the possiblities

Linux Kernel Patches

Linux Kernel Patches
Posted Oct 14, 2013
Authored by x90c

This is a brief whitepaper that discusses various Linux kernel patches.

tags | paper, kernel
systems | linux
MD5 | 2c3fc5ac34f881418e756971c762ccb0

Linux Kernel Patches

Change Mirror Download

Linux Kernel Patches For Linux Kernel Security

___ ___
/ _ \ / _ \
__ __| (_) || | | | ___
\ \/ / \__. || | | | / __|
> < / / | |_| || (__
/_/\_\ /_/ \___/ \___|



[toc]

----[ 1. Intro

----[ 2. Linux Kernel Patch For Security

----[ 3. Linux Kernel Protections

--------[ 3.1 Hardened kernel In distro

--------[ 3.2 Kernel Protections In kernel version

--------[ 3.3 LSM In kernel version

----[ 4. Underground Hacker Scene of south korea In 2013

----[ 5. Conclusion

----[ 6. Greets


--------[ 1. Intro

The article review linux kernel patches for
Linux kernel security And describe vulnerable
with the figures order by kernel version and
-linux distro.


--------[ 2. Linux Kernel Patch For Security

The userland support kernel patch support userland
security on kernelland and kernelland security patch
support kernelland security on kernelland. There's
Three types of linux kernel patch for linux
-kernel security.

- Both: GRSEC/PaX kernel, SELinux
- Userland support: Owl, AppArmor, Smack
exec-shield kernel
- Kernelland support: LSM, SecComp sandbox
Linux kernel capabilities, mmap_min_addr
grsecurity UDEREF, KERNHEAP


--------[ 3. Linux Kernel Protections


--------[ 3.1 Hardened kernel In distro

-----------------------------------------------------+
Hardened kernel | Distro |
-----------------------------------------------------+
grsec/PaX | Hardened Gentoo Linux, OpenBSD |
| Adamantix that trusted debian. |
Owl | RHEL4, FC3, CentOS4. |
Exec-shield | RHEL 3/4, FC1~FC5. |
-----------------------------------------------------\

Owl support on RHEL4, ... by binary and packages.
See the figure, We got the choose Owl? or Exec-shield?
on RHEL4, FC3.


--------[ 3.2 Kernel Protections In kernel version

-----------------------------------------------------+
Linux Kernel Part | Kernel version |
-----------------------------------------------------+
LSM | 2.6, 3.0, 3.2, 3.4~3.10 |
SecComp sandbox mode | same with lsm |
Linux Kernel Capabilities | 2.2, 2.4, 2.6 3.0, 3.2 |
| 3.4~3.10 |
mmap_min_addr | 2.6, 3.0, 3.4~3.10 |
KERNHEAP | 2.6 |
grsec UDEREF | 2.6, 3.2, 3.8, 3.9 |
-----------------------------------------------------\

Linux kernel capabilities is the old protection from
2.2 linux kernel and no protection added In 2.4 kernel
from 2.6 kernel provided LSM, mmap_min_addr, SecComp
sandbox, KERNHEAP, grsec UDREF.

2.4 kernel was vulnerable than other kernel version
by isec kernel exploits, ... . mmap_min_addr protect
to NULL pointer dereference, KERNHEAP/UDEREF provide
kernel heap/stack protection. In 2.4 kernel
vulnerable to NULL pointer dereference and kernel heap
attacks. Even though mmap_min_addr, we can still attack
A little distros used 2.6 kernel.

The KERNHEAP Implemented the protection guard metadata
And safe unlinking to protect heap overflows on the
Kernel.


--------[ 3.3 LSM In kernel version

LSM linux security module is module architecture
-support linux kernel security. It provides kernel
Interface to program a security module for linux.

---------------------------------------------+
2.6 | SELinux, AppArmor, tomoyo linux |
| -Smack. |
3.4~3.10 | same with 2.6, yama. |
---------------------------------------------\

The SELinux provided with LSM, userland utils
And support kernelland/userland security both. The
AppArmor Implemented MAC security model.


--------[ 4. Underground Hacker Scene of south korea In 2013

In the region south korea, korean hacker community
'korean underground' kidz Is there. The korean
underground opened three global hacker conferences.
x90c is THE L33T In 2004~2013 who not In the korean
underground. Except The l33t, all hackers In south
-korea was/are In the korean underground.
Check it out http://www.x90c.org/profile.txt.


--------[ 5. Conclusion

2.2, 2.4 linux kernel is vulnerable for linux kernel
-attacks and 2.6 after kernel versions are safe than
above mentioned because It provided kernel patches to
protect kernel exploits under 2.4.

If *BSD exploitation, on FreeBsd is better than
openbsd with grsec/PaX kernel.

After 3.0 kernel versions are vulnerable to
Kernel heap overflows with ..., SLAB, SLUB, SLOB
Allocator because the KERNHEAP doesn't supported
-for the versions.


--------[ 6. Greets

BSDaemon
@yokai#phrack
It's linux kernel security and greets to
grsec/pax spender also.

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    7 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close