87536 – Kernel: Local DoS through tmpfs driver (CAN-2005-0977)

Bug 87536 - Kernel: Local DoS through tmpfs driver (CAN-2005-0977)

Summary: Kernel: Local DoS through tmpfs driver (CAN-2005-0977)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All All

Importance:	High minor (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	[linux <2.6.11]
Keywords:

Depends on:
Blocks:

Reported:	2005-04-01 03:18 UTC by Thierry Carrez (RETIRED)
Modified:	2009-05-03 14:25 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thierry Carrez (RETIRED) gentoo-dev

2005-04-01 03:18:35 UTC

From Ubuntu Security Notice USN-103-1

A Denial of Service vulnerability was found in the tmpfs driver, which
is commonly used to mount RAM disks below /dev/shm and /tmp. The
shm_nopage() did not properly verify its address argument, which could
be exploited by a local user to cause a kernel crash with invalid
addresses.

http://linux.bkbits.net:8080/linux-2.6/cset@420551fbRlv9-QG6Gw9Lw_bKVfPSsg

Comment 1 Daniel Drake (RETIRED) gentoo-dev

2005-04-01 06:02:43 UTC

gentoo-sources-2.6 unaffected

Comment 2 Joshua Kinard gentoo-dev

2005-04-23 22:29:50 UTC

mips-sources fixed.

Comment 3 Robert Paskowitz (RETIRED) gentoo-dev

2005-05-17 16:37:08 UTC

Quiet on the bug, but KISS says done:
http://kiss.gentoo.org/dev/viewBug.php?BugID=87536

Comment 4 Tim Yamin (RETIRED) gentoo-dev

2005-05-27 11:39:03 UTC

All fixed, closing bug.

Comment 5 Robert Buchholz (RETIRED) gentoo-dev

2009-05-03 14:25:20 UTC

http://git.kernel.org/?p=linux/kernel/git/tglx/history.git;a=commit;h=dfceb6d66939565cbccf6379de8a87daefd0c92c