SELinux blocks CVE-2006-3626 (local privilege escalation)

July 15th, 2006 | Tags:

Joshua Brindle has analyzed the recent /proc local privilege escalation vulnerability, CVE-2006-3626, and posted that SELinux targeted policy prevents exploitation.

It’d be an interesting and useful exercise to go back through historical vulnerabilities and determine how many of them would be mitigated by SELinux and similar technologies (Exec-shield, PIE etc.).

Mark Cox wrote an interesting paper, Risk Report: A year of Red Hat Enterprise Linux 4, which mentions that SELinux blocked the Lupper worm (also noting that that the policy version shipped by default would not have blocked a modified version of the worm).

Update:
SELinux mitigation confirmed by SANS. They also mention mounting /proc as nosuid as a workaround.

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
    bodytext del.icio.us Facebook Google IndianPad Mixx Reddit StumbleUpon Slashdot E-mail this story to a friend! Print this article!
Comments are closed.