This article is a followup to our last year’s advisory on canary randomisation for applications of the Debian distribution.
|Affected Products:||Linux kernel versions from 2.6.32 to 2.6.32-rc7.|
|Class:||Off-by-two stack buffer overflow.|
|Discovered by:||Patroklos Argyroudis|
We have found an off-by-two stack buffer overflow in the Linux kernel SUNRPC implementation. Linux kernel versions from 2.6.32 to 2.6.32-rc7 are affected.
Yesterday I helped my friend kargig to analyse a rootkit he has recovered from a compromised Linux system. You can find the complete write-up at his