Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 105937

Summary: Kernel: Local DoS through SCSI procfs (CAN-2005-2800)
Product: Gentoo Security Reporter: Thierry Carrez (RETIRED) <koon>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: security-kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=729d70f5dfd663b44bca68a4479c96bde7e535d6;hp=8126fdbc76351bdf99c6737ef4fecf88a22fa538
Whiteboard: [linux < 2.6.13]
Package list:
Runtime testing required: ---

Description Thierry Carrez (RETIRED) gentoo-dev 2005-09-14 02:44:26 UTC
From Ubuntu's latest :

Jan Blunck discovered a Denial of Service vulnerability in the procfs
interface of the SCSI driver. By repeatedly reading
/proc/scsi/sg/devices, a local attacker could eventually exhaust
kernel memory. (CAN-2005-2800)
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2005-12-24 04:47:52 UTC
All fixed, closing.