Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 21076

Summary: Possible DoS (Linux 2.4.*) and security hole in I/O permissions check (Linux 2.4.20)
Product: Gentoo Linux Reporter: Brice Arnould (un_brice) <brice.arnould>
Component: [OLD] Core systemAssignee: x86-kernel (DEPRECATED) <x86-kernel>
Status: RESOLVED DUPLICATE    
Severity: critical CC: avenj, security, tidoineurope
Priority: Highest    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Brice Arnould (un_brice) 2003-05-15 16:57:07 UTC 
Due to the severity of this bug (and my poor english -_^), I rather send this alert 
fast and give you adresses where those problems are well discribed : 
 
Redhat website (patchs seems to be availables) 
http://rhn.redhat.com/errata/RHSA-2003-172.html 
I don't know if  
 
A more detailed description of the DoS : 
http://www.secunia.com/advisories/8786/
Comment 1 Jon Portnoy (RETIRED) gentoo-dev 2003-05-15 18:29:32 UTC 
http://marc.theaimsgroup.com/?l=bk-commits-24&m=105217616607144&w=2

There's the patch, it appears.
Comment 2 Martin Holzer (RETIRED) gentoo-dev 2003-05-19 14:01:13 UTC 
*** Bug 21261 has been marked as a duplicate of this bug. ***
Comment 3 Martin Holzer (RETIRED) gentoo-dev 2003-05-19 14:36:19 UTC 

*** This bug has been marked as a duplicate of 21269 ***