** DISPUTED ** Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code.
References
Configurations
Configuration 1 (hide)
|
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.digitalarmaments.com/news_news.shtml - Vendor Advisory, URL Repurposed | |
References | () http://www.digitalarmaments.com/pre2007-00018659.html - Vendor Advisory, URL Repurposed |
Information
Published : 2007-01-16 23:28
Updated : 2024-08-07 12:15
NVD link : CVE-2007-0257
Mitre link : CVE-2007-0257
CVE.ORG link : CVE-2007-0257
JSON object : View
Products Affected
grsecurity
- grsecurity_kernel_patch
CWE