86783 – Kernel: Potential DOS in load_elf_library (CAN-2005-0749)

Bug 86783 - Kernel: Potential DOS in load_elf_library (CAN-2005-0749)

Summary: Kernel: Potential DOS in load_elf_library (CAN-2005-0749)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All All

Importance:	High minor (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	[linux < 2.4.30] [linux >= 2.6 < 2.6....
Keywords:

Depends on:
Blocks:

Reported:	2005-03-26 09:22 UTC by Thierry Carrez (RETIRED)
Modified:	2009-05-03 15:05 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Clean (fix) patch. (CAN-2005-0749.patch,2.31 KB, patch) 2005-05-04 13:29 UTC, Lorenzo Hernández García-Hierro	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thierry Carrez (RETIRED) gentoo-dev

2005-03-26 09:22:57 UTC

Fixed in vanilla 2.6.11.6
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.6

Potential DOS in load_elf_library
	
Yichen Xie <yxie@cs.stanford.edu> points out that load_elf_library can
modify `elf_phdata' before freeing it.
	
CAN-2005-0749 is assigned to this issue.

Comment 1 Joshua Kinard gentoo-dev

2005-04-23 22:28:16 UTC

mips-sources fixed.

Comment 2 Daniel Drake (RETIRED) gentoo-dev

2005-04-27 13:43:41 UTC

Fixed in gentoo-sources-2.6.11-r6

Comment 3 Daniel Drake (RETIRED) gentoo-dev

2005-04-29 17:39:21 UTC

Fixed in usermode-sources-2.6.11

Comment 4 Lorenzo Hernández García-Hierro 2005-05-04 13:29:06 UTC

Created attachment 58065 [details, diff]
Clean (fix) patch.

I'll add it to the gentoo-sources patchset and post a new ebuild and patchball
to:
http://pearls.tuxedo-es.org/gentoo/hardened/kernel/

Comment 5 Lorenzo Hernández García-Hierro 2005-05-05 06:03:48 UTC

Updated hardened-sources patchset to fix CAN-2005-0749:

http://pearls.tuxedo-es.org/gentoo/hardened/kernel/

Cheers,
Lorenzo.

Comment 6 Daniel Drake (RETIRED) gentoo-dev

2005-05-10 15:32:56 UTC

Fixed in ck-sources-2.6.11-r7

Comment 7 Thierry Carrez (RETIRED) gentoo-dev

2005-05-23 04:58:32 UTC

This also affects the 2.4 series.

From solar :
grsec-sources-2.4.30 is in the tree as ~arch.

Note for other bumpers of 2.4.x series.
CAN-2004-1056.patch and linux-2.4.28-random-poolsize.patch have never 
been applied to mainline.

Comment 8 Tim Yamin (RETIRED) gentoo-dev

2005-08-20 11:45:57 UTC

All fixed, closing bug.