Users login

Create an account »


Users login

Home » Hacking News » NetBSD Super-H Port sigreturn() Input Validation Vulnerability

NetBSD Super-H Port sigreturn() Input Validation Vulnerability

by platon on June 13th, 2001 Ports of NetBSD for the Hitachi SuperH architecture contain a vulnerability in their implementation of sigreturn()...

Sigreturn() is a system call that is used to resume process execution when the signal handler is finished executing.

This vulnerability could allow for a user-process to resume execution in privileged execution mode after a signal handler has returned.

Exploitation of this vulnerability could lead to a root compromise.

Note: A very similar bug exists in the kernel function 'process_write_regs()'. This function is used internally by the ptrace()/procfs implementations, though it may be passed data that is originally user-supplied. If this is the case, then this vulnerability may be exploitable in the same manner as the sigreturn() vulnerability.

NetBSD has released source-code patches for this vulnerability.

NetBSD NetBSD 1.5 sh3:

NetBSD patch 1.5 sh3patch.diff: [Download]


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »