The present document aims to demonstrate a design weakness found in the handling of simply
linked lists used to register binary formats handled by Linux kernel, and affects all the kernel
families (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in kernel space that can be
used by malicious users to create infection tools, for example rootkits.
POC, details and proposed solution at:
English version: http://www.shellcode.com.ar/docz/binfmt-en.pdf
Spanish version: http://www.shellcode.com.ar/docz/binfmt-es.pdf
regards,
--
SHELLCODE Security Research TEAM
[EMAIL PROTECTED]
http://www.shellcode.com.ar
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
