[Bug 34130] clock-applet executable stack (security best-practice failure)
John Moser
nigelenki at comcast.net
Wed Mar 8 20:49:00 UTC 2006
Public bug reported:
https://launchpad.net/malone/bugs/34130
Affects: gnome-applets (Ubuntu)
Severity: Normal
Priority: (none set)
Status: Unconfirmed
Description:
lsmemmap.sh shows clock-applet has an executable stack on x86-64. This
is a security best-practice failure: shellcode injection into the
stack is possible now that it is executable. Note that in the case of
clock-applet there is theoretically no way to elevate privileges and
thus this is very minor.
task 5169 (/usr/lib/gnome-panel/clock-applet)
7fffffa56000-7fffffa6a000 rwxp 7fffffa56000 00:00 0 [stack]
Please note that this is not a security vulnerability; it is a failure
to execute security best practices. By correcting this, certain real
vulnerabilities will become difficult or impossible to exploit beyond
basic denial of service.
The most likely cause of this is the use of gcc nested functions in
clock-applet.
See also bug #34129 which has the script I used as an attachment.
More information about the desktop-bugs
mailing list