Bug 91173 - Kernel: it87, via686a drivers insecure file creation (CAN-2005-{1368,1369})
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All All
Importance: High minor
Assignee: Gentoo Security
URL: http://secunia.com/advisories/15204/
Whiteboard: [linux < 2.6.11.8]
Keywords:
Duplicates: 91175 93669
Depends on:
Blocks:
 
Reported: 2005-05-02 07:05 UTC by Jean-François Brunette (RETIRED)
Modified: 2009-07-13 19:22 UTC
Description Jean-François Brunette (RETIRED) gentoo-dev 2005-05-02 07:05:49 UTC
Description:
Jean Delvare has reported a security issue in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The problem is that the it87 and via686a hardware monitoring drivers create the sysfs file "alarms" with insecure permissions granting write access to the file. This can be exploited to exhaust all available CPU resources by writing to the file.

Solution:
Update to version 2.6.11.8.
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2005-05-02 08:50:57 UTC
*** Bug 91175 has been marked as a duplicate of this bug. ***
Comment 2 Daniel Drake (RETIRED) gentoo-dev 2005-05-17 04:05:08 UTC
Fixed in genpatches-2.6-11.12
Fixed in gentoo-sources-2.6.11-r9
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2005-05-23 04:44:05 UTC
From Ubuntu's USN-131-1

The it87 and via686a hardware monitoring drivers created a sysfs file
named "alarms" with write permissions, but they are not designed to be
writeable. This allowed a local user to crash the kernel by
attempting to write to these files. (CAN-2005-1369)
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2005-05-23 04:44:13 UTC
*** Bug 93669 has been marked as a duplicate of this bug. ***
Comment 5 Tim Yamin (RETIRED) gentoo-dev 2005-06-11 11:07:31 UTC
CAN-2005-1368 has the same resolution (>= 2.6.11.8)
Comment 6 Tim Yamin (RETIRED) gentoo-dev 2005-11-26 03:16:38 UTC
All fixed, closing.
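
Added example (not part of the bug report, and not Gentoo or kernel code): shell functions that check whether any sysfs attribute named "alarms" carries a write bit, which is the condition the description and the USN-131-1 excerpt describe. The function names, the root-directory argument and the sample tree with its device paths are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit sysfs for "alarms" attributes that carry a write bit.
# The root directory argument is an assumption of this example so the check
# can also be pointed at a constructed test tree instead of the live /sys.

# Print every regular file named "alarms" under $1 with u+w, g+w or o+w set.
# The test is on the mode bits, so it gives the same answer when run as root.
find_writable_alarms() {
    root="${1:-/sys}"
    find "$root" -type f -name alarms \
        \( -perm -200 -o -perm -020 -o -perm -002 \) -print 2>/dev/null
}

# Print one line per finding; return 1 if any was found, 0 otherwise.
audit_alarms() {
    findings=$(find_writable_alarms "$1")
    if [ -z "$findings" ]; then
        echo "OK: no writable alarms attribute under ${1:-/sys}"
        return 0
    fi
    echo "$findings" | while IFS= read -r path; do
        echo "WRITABLE: $(ls -l "$path" | cut -d' ' -f1) $path"
    done
    return 1
}

# Constructed sample tree (paths are made up for the example):
# one attribute with a write bit set, one read-only.
make_sample_tree() {
    tree=$(mktemp -d) || return 1
    mkdir -p "$tree/bus/i2c/devices/0-0290" "$tree/bus/i2c/devices/0-6000"
    : > "$tree/bus/i2c/devices/0-0290/alarms"
    : > "$tree/bus/i2c/devices/0-6000/alarms"
    chmod 644 "$tree/bus/i2c/devices/0-0290/alarms"
    chmod 444 "$tree/bus/i2c/devices/0-6000/alarms"
    echo "$tree"
}
```

Calling `audit_alarms` with no argument checks the live `/sys`; a non-zero exit status means at least one "alarms" attribute is writable.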