Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 170857 (CVE-2006-4814)

Summary: Kernel: Mincore function does not properly lock access to user space (CVE-2006-4814)
Product: Gentoo Security Reporter: Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: unnamedrambler
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: [linux < 2.6.16.38][linux >= 2.6.17 < 2.6.18.8][linux >= 2.6.19 < 2.6.19.2][gp < 2.6.18-10][gp >= 2.6.19-1 < 2.6.19-5]
Package list:
Runtime testing required: ---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-14 12:21:51 UTC 
The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock.

Fixed in 2.6.20-rc2. And the 2.6.19.2 contains a backport of it.
Comment 1 unnamedrambler 2008-03-07 18:52:15 UTC 
proposed metadata:
[linux < 2.6.16.38] 7c876d457b5c7e949032a4ac7aec64af0136d52a
[linux > 2.6.17 < 2.6.18.8] d84ad2cb50ba8c92df32ae6df47d413e5877e6ea
[linux > 2.6.19 < 2.6.19.2] e26353af7096103cec474473cbd81dc4190bba77

[gp < 2.6.18-10]
[gp > 2.6.18-10 < 2.6.19-5]
Comment 2 unnamedrambler 2008-03-07 19:17:06 UTC 
metadata correction:
[linux > 2.6.17 < 2.6.18.8] should be [linux >= 2.6.17 < 2.6.18.8]
[linux > 2.6.19 < 2.6.19.2] should be [linux >= 2.6.19 < 2.6.19.2]