Bug 87536

Summary:	Kernel: Local DoS through tmpfs driver (CAN-2005-0977)
Product:	Gentoo Security	Reporter:	Thierry Carrez (RETIRED) <koon>
Component:	Kernel	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	minor	CC:	security-kernel
Priority:	High
Version:	unspecified
Hardware:	All
OS:	All
Whiteboard:	[linux <2.6.11]
Package list:		Runtime testing required:	---

Description Thierry Carrez (RETIRED) gentoo-dev

2005-04-01 03:18:35 UTC

From Ubuntu Security Notice USN-103-1

A Denial of Service vulnerability was found in the tmpfs driver, which
is commonly used to mount RAM disks below /dev/shm and /tmp. The
shm_nopage() did not properly verify its address argument, which could
be exploited by a local user to cause a kernel crash with invalid
addresses.

http://linux.bkbits.net:8080/linux-2.6/cset@420551fbRlv9-QG6Gw9Lw_bKVfPSsg

Comment 1 Daniel Drake (RETIRED) gentoo-dev

2005-04-01 06:02:43 UTC

gentoo-sources-2.6 unaffected

Comment 2 Joshua Kinard gentoo-dev

2005-04-23 22:29:50 UTC

mips-sources fixed.

Comment 3 Robert Paskowitz (RETIRED) gentoo-dev

2005-05-17 16:37:08 UTC

Quiet on the bug, but KISS says done:
http://kiss.gentoo.org/dev/viewBug.php?BugID=87536

Comment 4 Tim Yamin (RETIRED) gentoo-dev

2005-05-27 11:39:03 UTC

All fixed, closing bug.

Comment 5 Robert Buchholz (RETIRED) gentoo-dev

2009-05-03 14:25:20 UTC

http://git.kernel.org/?p=linux/kernel/git/tglx/history.git;a=commit;h=dfceb6d66939565cbccf6379de8a87daefd0c92c