Summary: | Kernel: Local DoS through set_mempolicy (CVE-2005-3358) | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Thierry Carrez (RETIRED) <koon> | ||||||
Component: | Kernel | Assignee: | Gentoo Security <security> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | minor | CC: | gimli, kang, kfm, kumba, security-kernel | ||||||
Priority: | High | ||||||||
Version: | unspecified | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | [linux < 2.6.15] | ||||||||
Package list: | Runtime testing required: | --- | |||||||
Attachments: |
|
Description
Thierry Carrez (RETIRED)
2006-01-05 01:33:48 UTC
CCing maintainers: please either upgrade to 2.6.15 fix with the patch in the URL. Thanks. hardened-sources-2.6: hardened herd mips-sources-2.6.1{3,4}: Kumba rsbac-sources-2.6: kang sh-sources-2.6: sh herd usermode-sources-2.6: dsd xbox-sources-2.6: gimli The referenced patch only applies to 2.6.15 (at least, I've confirmed that it does not apply to 2.6.14). Due attention required in terms of backporting. Created attachment 76773 [details, diff]
mempolicy-interleave-mask-node.patch (for 2.6.14)
Here's a backport of the patch for 2.6.14 courtesy of plasmaroo. I've had two users test this just recently and it appears to be valid.
Created attachment 76776 [details, diff]
mempolicy-interleave-mask-node.patch (revision)
Reference the correct bug number this time and changed to a typical "-p1" style patch.
The aformentioned patch was added to genpatches-2.6.14-9.base (the tarball of which has now been distributed on the mirrors), see http://dev.gentoo.org/~dsd/genpatches/releases-2.6.14.htm and http://dev.gentoo.org/~dsd/genpatches/trunk/2.6.14/. Also, this is fixed in hardened-sources-2.6.14-r4. usermode now on 2.6.15 All fixed now, closing bug. |