Fixed in vanilla 2.6.11.6 (http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.6): "Potential DOS in load_elf_library: Yichen Xie <yxie@cs.stanford.edu> points out that load_elf_library can modify `elf_phdata' before freeing it. CAN-2005-0749 is assigned to this issue."
mips-sources fixed.
Fixed in gentoo-sources-2.6.11-r6
Fixed in usermode-sources-2.6.11
Created attachment 58065: Clean (fix) patch. I'll add it to the gentoo-sources patchset and post a new ebuild and patchball to: http://pearls.tuxedo-es.org/gentoo/hardened/kernel/
Updated hardened-sources patchset to fix CAN-2005-0749: http://pearls.tuxedo-es.org/gentoo/hardened/kernel/ Cheers, Lorenzo.
Fixed in ck-sources-2.6.11-r7
This also affects the 2.4 series. From solar: grsec-sources-2.4.30 is in the tree as ~arch. Note for other bumpers of 2.4.x series: CAN-2004-1056.patch and linux-2.4.28-random-poolsize.patch have never been applied to mainline.
All fixed, closing bug.