[Bug 1725348] Re: Systemd - Bypassing MemoryDenyWriteExecution policy
Dimitri John Ledkov
launchpad at surgut.co.uk
Tue Feb 20 16:04:24 UTC 2018
** Description changed:
+ [Impact]
+
+ * MemoryDenyWritePolicy can be bypassed by using a slightly different
+ syscall.
+
+ [Test Case]
+
+ * Check that MemoryDenyWritePolicy, blocks pkey_mprotect as well as
+ mprotect.
+
+ [Regression Potential]
+
+ * Upstream fix cherrypick, security vulnerability.
+
+ [Other Info]
+
+ * Original report
+
Hello,
We would like to report to you a vulnerability about systemd which
allows to bypass the MemoryDenyWriteExecution policy on Linux 4.9+.
The vulnerability is described in the attached PDF file.
-
- Sincerely,
+ Sincerely,
Thomas IMBERT
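Review bot: In the added [Test Case] entry, the check does not say how to run it or what result counts as a pass, and the setting is named MemoryDenyWritePolicy here and in [Impact] while the original report quoted below calls it MemoryDenyWriteExecution. Suggest naming the setting exactly as it is written in a unit file and stating the expected result for each call, for example that requests for executable memory through both mprotect and pkey_mprotect are refused in a unit with the setting enabled.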
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1725348
Title:
  Systemd - Bypassing MemoryDenyWriteExecution policy

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Xenial:
  Invalid
Status in systemd source package in Zesty:
  Won't Fix
Status in systemd source package in Artful:
  In Progress
Status in systemd source package in Bionic:
  Fix Released

Bug description:
  [Impact]

   * MemoryDenyWritePolicy can be bypassed by using a slightly different
  syscall.

  [Test Case]

   * Check that MemoryDenyWritePolicy blocks pkey_mprotect as well as
  mprotect.

  [Regression Potential]

   * Upstream fix cherrypick, security vulnerability.

  [Other Info]

   * Original report

  Hello,

  We would like to report to you a vulnerability about systemd which
  allows bypassing the MemoryDenyWriteExecution policy on Linux 4.9+.

  The vulnerability is described in the attached PDF file.

  Sincerely,
  Thomas IMBERT

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725348/+subscriptions