Bug 161877

Summary:	Kernel: Local DoS due to EFLAGS leakage x86_64 (CVE-2006-5755)
Product:	Gentoo Security	Reporter:	Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component:	Kernel	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	unnamedrambler
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:	[linux < 2.6.18.8][gp < 2.6.18-10]
Package list:		Runtime testing required:	---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-01-13 11:24:34 UTC

Not sure wether this was already filed. It is similar to CVE-2006-5173, bug #154307.

Linux kernel before 2.6.18, when running on x86_64 systems, does not properly save or restore EFLAGS during a context switch, which allows local users to cause a denial of service (crash) by causing SYSENTER to set an NT flag, which can trigger a crash on the IRET of the next task.

Comment 1 unnamedrambler 2008-03-07 18:27:50 UTC

proposed metadata:
[linux < 2.6.18.8] kernel.org commit ID ff6e642fe5fae0da7b54540fb76a93f3d968c87a
[linux > 2.6.18.8 < 2.6.19] kernel.org commit ID 658fdbef66e5e9be79b457edc2cbbb3add840aa9
[gp < 2.6.19]

for reference the patch also made it into gp 2.6.18-10