感谢支持
我们一直在努力

Linux compat vulns 的临时解决方法

这里简单介绍 linux compat vulns 的临时解决方法 (适用于线上的64bit生产系统,如部署新系统请先更新代码).
Wojciech Purczynski 致敬.

关于此问题的更多资料请继续下面的阅读…
kernel git commit:
compat: Make compat_alloc_user_space() incorporate the access_ok()
Red Hat Bug 634457(CVE-2010-3081) CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow
Documentation: binfmt_misc.txt
Workaround for
Ac1db1tch3z exploit.


# 如果确定线上64bit系统不需要运行32bit的程序,则可以把32bit兼容模式关掉.
# 并写入到/etc/rc.local中. 如果需要运行32bit程序则此方法不适用.
# echo ‘:32bits:M:0:\x7fELF\x01::/bin/echo:’ > /proc/sys/fs/binfmt_misc/register


# 如需要取消此限制…执行如下命令即可
# echo -1 > /proc/sys/fs/binfmt_misc/32bits


eg:

[root@localhost ~]# cd /proc/sys/fs/binfmt_misc/
[root@localhost binfmt_misc]# ls
register status
[root@localhost binfmt_misc]#
[root@localhost binfmt_misc]# echo ‘:32bits:M:0:\x7fELF\x01::/bin/echo:’ > /proc/sys/fs/binfmt_misc/register
[root@localhost binfmt_misc]# ls
32bits register status
[root@localhost binfmt_misc]# cat 32bits
enabled
interpreter /bin/echo
flags:
offset 0
magic 7f454c4601
[root@localhost binfmt_misc]#


# 测试..
[sina@localhost ~]$ ./h
./h
[sina@localhost ~]$


附: 魔幻数字 ‘\x7fELF\x01’ 的含义…


[sina@localhost ~]$ file h
h: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, not stripped
[sina@localhost ~]$ file /bin/ls
/bin/ls: ELF 64-bit LSB executable, AMD x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, stripped
[sina@localhost ~]$
[sina@localhost ~]$ readelf -h ./h
ELF Header:
Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2’s complement, little endian
Version: 1 (current)
OS/ABI: UNIX – System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: Intel 80386
Version: 0x1
Entry point address: 0x80482b0
Start of program headers: 52 (bytes into file)
Start of section headers: 1908 (bytes into file)
Flags: 0x0
Size of this header: 52 (bytes)
Size of program headers: 32 (bytes)
Number of program headers: 7
Size of section headers: 40 (bytes)
Number of section headers: 28
Section header string table index: 25
[sina@localhost ~]$ readelf -h /bin/ls
ELF Header:
Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Class: ELF64
Data: 2’s complement, little endian
Version: 1 (current)
OS/ABI: UNIX – System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x402460
Start of program headers: 64 (bytes into file)
Start of section headers: 89256 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 8
Size of section headers: 64 (bytes)
Number of section headers: 31
Section header string table index: 30
[sina@localhost ~]$




[ –EOF- ]

赞(0) 打赏
转载请注明出处:服务器评测 » Linux compat vulns 的临时解决方法
分享到: 更多 (0)

听说打赏我的人,都进福布斯排行榜啦!

支付宝扫一扫打赏

微信扫一扫打赏