SummerCon was absurdly fun. Thanks for redpantz for putting on a great event and all the NY guys for making it a blast. My talk was on a few random Android topics...slides are available below. I threw everything together about 12 hours before my talk so it's a ...
Just got back from SOURCE Boston. SOURCE was a great event: a great line-up of speakers, fun social events (thanks to Rapid7 and iSEC for sponsoring), and smooth execution (props to Stacy and Zach). My talk was on the topic of Linux kernel security, slides are available here.
A vulnerability in the ReiserFS filesystem of the Linux kernel (versions <= 2.6.34-rc3) allows for the unprivileged reading and writing of objects in the .reiserfs_priv path. Leveraging extended attributes and POSIX file-based capabilities, this vulnerability allows for privilege escalation on systems with a ReiserFS filesystem.
The vulnerability ...!--more-->
A recent vulnerability in the Linux kernel (versions <= 2.6.32-rc1) allows the leakage of certain register contents. The x86-64 registers r8-r11 may be leaked to 32-bit unprivileged userspace applications that switch themselves into 64-bit mode.
In order to understand this vulnerability, we first need to talk a bit ...!--more-->
Copyright © 2015 - Jon Oberheide <jon at oberheide dot org>.