Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 113325

Summary: Kernel: Local DoS through rose_rt_ioctl (CVE-2005-3273)
Product: Gentoo Security Reporter: Thierry Carrez (RETIRED) <koon>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: minor CC: security-kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Thierry Carrez (RETIRED) gentoo-dev 2005-11-23 02:04:53 UTC
In Ubuntu's USN-219-1:

David S. Miller discovered a buffer overflow in the rose_rt_ioctl()
function.  By calling the function with a large "ngidis" argument, a
local attacker could cause a kernel crash. This vulnerability only
affects Ubuntu 4.10 and 5.04. (CVE-2005-3273)
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2005-11-26 09:16:48 UTC
This issue was fixed in 2.6.12 and 2.4.29 so closing as INVALID.