Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 224635 (CVE-2008-2137)

Summary: Kernel: sparc/64_mmap_check DoS (CVE-2008-2137)
Product: Gentoo Security Reporter: Robert Buchholz (RETIRED) <rbu>
Component: KernelAssignee: Gentoo Security <security>
Severity: normal CC: kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: [linux <]
Package list:
Runtime testing required: ---

Description Robert Buchholz (RETIRED) gentoo-dev 2008-06-02 17:02:24 UTC
CVE-2008-2137 (
  The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the
  (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the
  Linux kernel before, omit some virtual-address range (aka span)
  checks when the mmap MAP_FIXED bit is not set, which allows local users to
  cause a denial of service (panic) via unspecified mmap calls.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-06-02 17:03:24 UTC
Comment 2 into-the-trash-it-goes 2009-07-20 18:47:53 UTC
hardened-kernel unaffected at present time. Removing alias.

PS: Anything using >=genpatches-2.6.25-4 is unaffected