Difference between revisions of "Kernel Weakness"

From Atomicorp Wiki
Jump to: navigation, search
m
m
 
Line 8: Line 8:
 
'''Kernel Weakness Vulnerabilities'''
 
'''Kernel Weakness Vulnerabilities'''
  
[[No Kernel Anonymous mapping randomization|grsec_randamap]]
+
[[grsec_randamap|No Kernel Anonymous mapping randomization]]
  
[[grsec_randheap1]]
+
[[grsec_randheap1|No Kernel Heap randomization (ET_EXEC)]]
  
[[grsec_randheap2]]
+
[[grsec_randheap2|No Kernel Heap randomization (ET_DYN)]]
  
[[grsec_randmain2]]
+
[[grsec_randmain2|No Kernel Main executable randomization]]
  
[[grsec_randshlib]]
+
[[grsec_randshlib|No Kernel Shared library randomization]]
  
[[grsec_randstack1]]
+
[[grsec_randstack1|No Kernel Stack randomization]]
  
[[grsec_randstack2]]
+
[[grsec_randstack2|No Kernel Stack randomization]]

Latest revision as of 17:28, 31 December 2009

Description

This is a type of vulnerability in the kernel of the system itself. The kernel is not robust to the type of vulnerability. ASL includes a special kernel that is immune to these weaknesses. If you are getting a kernel weakness vulnerability alert on your system then you are not running a secure kernel like ASL.

This means your system is vulnerable to a whole class of attacks that can cause the entire system to become compromised.


Kernel Weakness Vulnerabilities

No Kernel Anonymous mapping randomization

No Kernel Heap randomization (ET_EXEC)

No Kernel Heap randomization (ET_DYN)

No Kernel Main executable randomization

No Kernel Shared library randomization

No Kernel Stack randomization

No Kernel Stack randomization

Personal tools