[MPlayer-dev-eng] [PATCH] svgalib_helper root vuln
Diego Biurrun
diego at biurrun.de
Wed Oct 6 12:03:47 CEST 2004
D Richard Felker III writes:
> On Sun, Oct 03, 2004 at 09:34:56PM -0400, The Wanderer wrote:
> > D Richard Felker III wrote:
> >
> > >it comes with recent svgalib. but be warned, it contains a very
> > >stupid vulnerability that lets any user with access to the helper
> > >access all of kernel memory read/write.. someday i'm gonna submit a
> > >patch.
> >
> > I'll pass that on to my siblings, then, and see about giving it a try
> > myself. If/when you do get around to submitting a patch, I'd be glad if
> > you could somehow let me know (since I don't follow svgalib development,
> > at least not yet), because I don't like using things with known security
> > flaws.
>
> ok i'm attaching the fix. it's not a great patch but it should work.
> note that it also prevents mapping some low memory that was
> unconditionally allowed before. some stupid drivers may need this low
> area, but it's inherently a security hole. i doubt any vidix drivers
> need it, just bad svgalib drivers...
Have you sent this upstream?
Diego
More information about the MPlayer-dev-eng
mailing list