Difference between revisions of "Kernel Weakness"
From Atomicorp Wiki
m |
|||
(3 intermediate revisions by one user not shown) | |||
Line 8: | Line 8: | ||
'''Kernel Weakness Vulnerabilities''' | '''Kernel Weakness Vulnerabilities''' | ||
− | [[grsec_randamap]] | + | [[grsec_randamap|No Kernel Anonymous mapping randomization]] |
− | [[grsec_randheap1]] | + | [[grsec_randheap1|No Kernel Heap randomization (ET_EXEC)]] |
− | [[grsec_randheap2]] | + | [[grsec_randheap2|No Kernel Heap randomization (ET_DYN)]] |
− | [[grsec_randmain2]] | + | [[grsec_randmain2|No Kernel Main executable randomization]] |
− | [[grsec_randshlib]] | + | [[grsec_randshlib|No Kernel Shared library randomization]] |
− | [[grsec_randstack1]] | + | [[grsec_randstack1|No Kernel Stack randomization]] |
− | [[grsec_randstack2]] | + | [[grsec_randstack2|No Kernel Stack randomization]] |
Latest revision as of 16:28, 31 December 2009
Description
This is a type of vulnerability in the kernel of the system itself. The kernel is not robust to the type of vulnerability. ASL includes a special kernel that is immune to these weaknesses. If you are getting a kernel weakness vulnerability alert on your system then you are not running a secure kernel like ASL.
This means your system is vulnerable to a whole class of attacks that can cause the entire system to become compromised.
Kernel Weakness Vulnerabilities
No Kernel Anonymous mapping randomization
No Kernel Heap randomization (ET_EXEC)
No Kernel Heap randomization (ET_DYN)
No Kernel Main executable randomization