CONFIG_NOTIFIER_ERROR_INJECTION=n - Notifier error injection allows userspace to inject artificial errors into kernel code. [28] CONFIG_PROFILING=n - Profiling support can potentially allow user space to gather
"y" CONFIG_NOTIFIER_ERROR_INJECTION |kconfig| is not set | grsec |cut_attack_surface| FAIL: "m" CONFIG_FAIL_FUTEX |kconfig| is not set | grsec |cut_attack_surface| OK: is not found CONFIG_PUNIT_ATOM_DEBUG |kconfig| is not set | grsec |cut_attack_surface| FAIL: "m" CONFIG_ACPI...
It’s worth noting that while a Secure Page Table Monitor (SPTM) bypass would be required to make a jailbreak for iOS & iPadOS 17, a SPTM bypass isn’t required to run tweak injection using @eveiyneee’s method via the CoreTrust 2 bug, but tweak support will be more limited than wi...
2016: "Motorola Android Bootloader Kernel Cmdline Injection Secure Boot Bypass" [article] [CVE-2016-10277]2015: "Vulnerability in the Linux Crypto API that allows unprivileged users to load arbitrary kernel modules" by Mathias Krause [annnouncement]Finding Bugs...
2016: "Motorola Android Bootloader Kernel Cmdline Injection Secure Boot Bypass" [article] [CVE-2016-10277] 2015: "Vulnerability in the Linux Crypto API that allows unprivileged users to load arbitrary kernel modules" by Mathias Krause [annnouncement] Finding Bugs 2024: "So You Wanna Find Bugs ...
In that case, the adversary might bypass the KDRM that focuses on the pre- vention of the malicious user process modifying its privileged information. However, it is hard to identify the virtual address of privileged information of other adversary's user processes during the attack execution. ...
- The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor....
select HAVE_FUNCTION_ERROR_INJECTION select HAVE_KRETPROBES select HAVE_KVM select HAVE_LIVEPATCH if X86_64 select HAVE_MIXED_BREAKPOINTS_REGS select HAVE_MOD_ARCH_SPECIFIC select HAVE_MOVE_PMD select HAVE_NMI select HAVE_OPROFILE select HAVE_OPTPROBES select HAVE_PCSPKR_PLAT...
1 - Bypass the IOMMU for DMA. unset - Use IOMMU translation for DMA. io7= [HW] IO7 for Marvel based alpha systems See comment before marvel_specify_io7 in arch/alpha/kernel/core_marvel.c. io_delay= [X86] I/O delay method 0x80 Standard port 0x80 based delay 0xed Alternate port ...
* CPU vulnerability to the three speculative execution attack variants * Vulnerable to Variant 1: YES * Vulnerable to Variant 2: YES * Vulnerable to Variant 3: YES CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' * Kernel has array_index_mask_nospec: NO ...