Bug 54976 - sys-kernel/* Privilege escalation bugs revealed by Sparse tool
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All All
Importance: High critical
Assignee: Gentoo Security
URL: http://cve.mitre.org/cgi-bin/cvename....
Whiteboard: A1 [kernel]
Duplicates: 54977
Reported: 2004-06-24 01:23 UTC by Thierry Carrez (RETIRED)
Modified: 2011-10-30 22:42 UTC
Description Thierry Carrez (RETIRED) gentoo-dev 2004-06-24 01:23:18 UTC
From the RedHat advisory (http://rhn.redhat.com/errata/RHSA-2004-260.html):

Enhancements were committed to the 2.6 kernel by Al Viro which enabled the
Sparse source code checking tool to check for a certain class of kernel
bugs. A subset of these fixes also applies to various drivers in the 2.4
kernel. These flaws could lead to privilege escalation or access to kernel
memory. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2004-0495 to these issues.
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2004-06-25 15:17:09 UTC
*** Bug 54977 has been marked as a duplicate of this bug. ***
Comment 2 Tim Yamin (RETIRED) gentoo-dev 2004-06-25 15:18:19 UTC
------- Merging Comment #0 From Bug #54977 2004-06-24 01:26 PST -------

From the Mandrake advisory
(http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:062):

A vulnerability in the e1000 driver for the Linux kernel 2.4.26 and
earlier was discovered by Chris Wright.  The e1000 driver does not
properly reset memory or restrict the maximum length of a data
structure, which can allow a local user to read portions of kernel
memory (CAN-2004-0535).
Comment 3 Tim Yamin (RETIRED) gentoo-dev 2004-06-25 15:23:58 UTC
Most things should now be patched; adding externally maintained sources on to the CC lists for kernels which need patching for both CAN-2004-0495 and CAN-2004-0535:

sys-kernel/grsec-sources - Adding solar...
sys-kernel/hardened-sources - Adding hardened...
sys-kernel/hardened-dev-sources - Same as above...
sys-kernel/hppa-dev-sources - Adding GMSoft; this just needs 2.6.7 stable.
sys-kernel/hppa-sources - Adding GMSoft; this needs patching.
sys-kernel/openmosix-sources - Adding cluster...
sys-kernel/pegasos-sources - Adding dholm...
sys-kernel/rsbac-dev-sources - Adding kang...
Comment 4 solar (RETIRED) gentoo-dev 2004-06-25 21:52:37 UTC
../../gentoo-sources/files/gentoo-sources-2.4.CAN-2004-0495.patch
../../gentoo-sources/files/gentoo-sources-2.4.CAN-2004-0535.patch
Above added to grsec-sources/files/
Updated digests and verified a clean src_unpack.
Added ChangeLog references to this bug.
Unable to verify runtime at this point in time.
Comment 5 David Holm (RETIRED) gentoo-dev 2004-06-27 13:49:54 UTC
pegasos-sources has been updated
Comment 6 Tim Yamin (RETIRED) gentoo-dev 2004-06-29 09:25:54 UTC
Hardened-dev-sources is OK now; it's been bumped to 2.6.7.
Comment 7 Tim Yamin (RETIRED) gentoo-dev 2004-06-29 09:27:07 UTC
Adding `Kumba for mips-sources...
Comment 8 Kurt Lieber (RETIRED) gentoo-dev 2004-06-29 10:01:02 UTC
belatedly adding Chris for selinux-sources.
Comment 9 Andrea Luzzardi 2004-06-29 10:36:24 UTC
hardened-sources updated
Comment 10 Chris PeBenito (RETIRED) gentoo-dev 2004-06-29 11:03:25 UTC
selinux-src fixed
Comment 11 SpanKY gentoo-dev 2004-06-29 15:43:42 UTC
hppa-dev-sources is stable now
Comment 12 Brandon Hale (RETIRED) gentoo-dev 2004-06-29 22:36:44 UTC
hardened-dev-sources-2.6.7 marked ~x86 ~ppc ~amd64
it only has a stable version on amd64. This might be a good time
for arch testing :)
Comment 13 Guillaume Destuynder (RETIRED) gentoo-dev 2004-06-30 06:00:16 UTC
- rsbac-sources: fixed CAN 0535/0495
- rsbac-dev-sources: is using kernel 2.6.7

Sorry for the little delay; CVS was buggy and today's update fixed things so that I could finally upload a new rsbac-sources.
Comment 14 Konstantin Arkhipov (RETIRED) gentoo-dev 2004-06-30 07:36:24 UTC
openmosix-sources: fixed in -r10, will be unmasked soon.
(patches taken from gentoo-sources, tested)
Comment 15 Joshua Kinard gentoo-dev 2004-07-01 16:40:54 UTC
Added to mips-sources
Comment 16 Guy Martin (RETIRED) gentoo-dev 2004-07-03 15:18:54 UTC
Stable on hppa.
Comment 17 Tim Yamin (RETIRED) gentoo-dev 2004-07-03 16:05:28 UTC
GLSA 200407-02; http://article.gmane.org/gmane.linux.gentoo.announce/382; closing as FIXED.