
Temporary workaround for the Linux compat vulns

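Date: 2017/2/28 16:29:53   Editor: Linux教程
This is a brief note on a temporary workaround for the Linux compat vulns (for live 64-bit production systems; if you are deploying a new system, update the code first).
Respect to Wojciech Purczynski.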

For more information on this issue, see the following:
kernel git commit: compat: Make compat_alloc_user_space() incorporate the access_ok()
Red Hat Bug 634457 - (CVE-2010-3081) CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow
Documentation: binfmt_misc.txt
Workaround for Ac1db1tch3z exploit.


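# If you are sure the live 64-bit system does not need to run 32-bit programs, you can turn off 32-bit compatibility mode
# (the rule below hands every 32-bit ELF executable to /bin/echo instead of running it).
# Also add the command to /etc/rc.local. This method does not apply if you need to run 32-bit programs.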
# echo ':32bits:M:0:\x7fELF\x01::/bin/echo:' > /proc/sys/fs/binfmt_misc/register


# To remove this restriction, run the following command
# echo -1 > /proc/sys/fs/binfmt_misc/32bits


Example:

[root@localhost ~]# cd /proc/sys/fs/binfmt_misc/
[root@localhost binfmt_misc]# ls
register status
[root@localhost binfmt_misc]#
[root@localhost binfmt_misc]# echo ':32bits:M:0:\x7fELF\x01::/bin/echo:' > /proc/sys/fs/binfmt_misc/register
[root@localhost binfmt_misc]# ls
32bits register status
[root@localhost binfmt_misc]# cat 32bits
enabled
interpreter /bin/echo
flags:
offset 0
magic 7f454c4601
[root@localhost binfmt_misc]#

# Test..
[sina@localhost ~]$ ./h
./h
[sina@localhost ~]$

Appendix: the meaning of the magic number '\x7fELF\x01'…

[sina@localhost ~]$ file h
h: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, not stripped
[sina@localhost ~]$ file /bin/ls
/bin/ls: ELF 64-bit LSB executable, AMD x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, stripped
[sina@localhost ~]$
[sina@localhost ~]$ readelf -h ./h
ELF Header:
Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: Intel 80386
Version: 0x1
Entry point address: 0x80482b0
Start of program headers: 52 (bytes into file)
Start of section headers: 1908 (bytes into file)
Flags: 0x0
Size of this header: 52 (bytes)
Size of program headers: 32 (bytes)
Number of program headers: 7
Size of section headers: 40 (bytes)
Number of section headers: 28
Section header string table index: 25
[sina@localhost ~]$ readelf -h /bin/ls
ELF Header:
Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x402460
Start of program headers: 64 (bytes into file)
Start of section headers: 89256 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 8
Size of section headers: 64 (bytes)
Number of section headers: 31
Section header string table index: 30
[sina@localhost ~]$
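
To check the "no 32-bit programs are needed" condition before registering the rule, the following added example (not part of the original article; the function names are this example's own) lists executable files whose first five bytes are 7f 45 4c 46 01, the same magic the 32bits rule matches at offset 0. It only reads file headers and changes nothing on the system.

```shell
#!/bin/sh
# Added example: pre-check for the ':32bits:' binfmt_misc rule.
# header_hex, would_be_blocked and list_elf32 are names chosen for this example.

# Magic the rule matches at offset 0, in the hex form printed by `cat 32bits`.
ELF32_MAGIC=7f454c4601

# header_hex FILE: print the first five bytes of FILE as lowercase hex.
# Unreadable files produce an empty string.
header_hex() {
    { od -An -tx1 -N5 < "$1"; } 2>/dev/null | tr -d ' \n'
}

# would_be_blocked FILE: succeed if FILE starts with \x7fELF\x01
# (ELF magic followed by EI_CLASS = ELFCLASS32), i.e. the kernel would
# pass it to /bin/echo once the rule is registered.
would_be_blocked() {
    [ "$(header_hex "$1")" = "$ELF32_MAGIC" ]
}

# list_elf32 DIR...: print every regular file under the given directories
# that has an execute bit set and matches the rule, one path per line.
list_elf32() {
    find "$@" -xdev -type f \( -perm -100 -o -perm -010 -o -perm -001 \) \
        2>/dev/null |
    while IFS= read -r f; do
        if would_be_blocked "$f"; then
            printf '%s\n' "$f"
        fi
    done
}

# Usage: sh check32.sh /bin /usr/bin /opt
# No output means no executable under those directories matches the rule.
if [ "$#" -gt 0 ]; then
    list_elf32 "$@"
fi
```

Any path it prints is a program that would stop running after the rule is registered. The rule only intercepts execution of files with this header, so an empty result says nothing about whether the kernel itself has been patched.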


