Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities. The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Grsecurity_kernel_patch | Grsecurity | 1.9.4 (including) | 1.9.4 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.0.1 (including) | 2.0.1 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.0.2 (including) | 2.0.2 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.1.0 (including) | 2.1.0 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.1.1 (including) | 2.1.1 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.1.2 (including) | 2.1.2 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.1.3 (including) | 2.1.3 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.1.4 (including) | 2.1.4 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.1.5 (including) | 2.1.5 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.1.6 (including) | 2.1.6 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.1.7 (including) | 2.1.7 (including) |
| Grsecurity_kernel_patch | Grsecurity | 2.1.8 (including) | 2.1.8 (including) |