Summary: | Kernel: Local DoS using sigqueue overflow (GENERIC-MAP-NOMATCH) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | gen2daniel <gen2daniel> |
Component: | Kernel | Assignee: | Gentoo Security <security> |
Status: | RESOLVED UPSTREAM | ||
Severity: | minor | CC: | hanno |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://git.kernel.org/?p=linux/kernel/git/tglx/history.git;a=commit;h=63e9e5dcebd3b22b5b9e6670a9231bf005d63e06 | ||
Whiteboard: | [linux <2.6.8] | ||
Package list: | Runtime testing required: | --- |
Description
gen2daniel
2004-04-13 13:48:04 UTC
This is confirmed, see LKML thread: http://marc.theaimsgroup.com/?t=108150234800003&r=1&w=2

Doesn't look very practical. No upstream fix for now, they are still discussing how to do it (and who). status = wait for upstream

Some more pointers:
http://www.securityfocus.com/bid/10096
http://xforce.iss.net/xforce/xfdb/15917

kernel local DoS = A3
no upstream fix yet

According to Marcelo Tosatti, "v2.6.7-mm tree contains a fix for this, adding a rlimit for pending signals.": http://marc.theaimsgroup.com/?l=linux-kernel&m=108725996708714&w=2

not sure it's patchable on most kernels though...

Status update: Patch adding a user-related limit on pending signals is apparently in 2.6.8-rc1: http://kerneltrap.org/node/view/3443

The code is probably this one: http://lkml.org/lkml/2004/5/11/46 and next patches by Chris Wright. Apparently no backport to 2.4.x yet.

Downgrading severity as this should not be worth a GLSA all by itself.

2.6.8 final includes the fixes. Not sure they are easy to backport, and this is not a very serious issue. We should probably wait for another vulnerability needing >=2.6.8 to include this one in a kernel GLSA.

Moving to newly-created kernel-specific category

Closing, this doesn't seem to be fixed upstream nor do we consider it to be a security risk...
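A way to check from userspace that the per-user limit on pending signals mentioned above is in force, and how much of it is in use. This is an added example, not code from the bug report or the kernel patches; it assumes a Linux system with /proc mounted, and the function names `parse_sigq` and `sigq_percent` are hypothetical.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>

/* Parse the "SigQ: <queued>/<limit>" line from /proc/<pid>/status text.
 * Returns 0 on success, -1 if the field is missing or malformed. */
int parse_sigq(const char *status, unsigned long *queued, unsigned long *limit)
{
    const char *p = status;
    while (p && *p) {
        if (strncmp(p, "SigQ:", 5) == 0)   /* match only at start of a line */
            return sscanf(p + 5, " %lu/%lu", queued, limit) == 2 ? 0 : -1;
        p = strchr(p, '\n');
        if (p)
            p++;
    }
    return -1;
}

/* Share of the pending-signal limit in use, in percent; -1 if limit is 0. */
int sigq_percent(unsigned long queued, unsigned long limit)
{
    if (limit == 0)
        return -1;
    return (int)(queued * 100 / limit);
}

int main(void)
{
    struct rlimit rl;
    char buf[8192] = {0};
    unsigned long queued, limit;
    FILE *f;

    /* getrlimit() fails if the running kernel does not know this resource. */
    if (getrlimit(RLIMIT_SIGPENDING, &rl) != 0) {
        perror("getrlimit(RLIMIT_SIGPENDING)");
        return 1;
    }
    printf("RLIMIT_SIGPENDING soft=%llu hard=%llu\n",
           (unsigned long long)rl.rlim_cur, (unsigned long long)rl.rlim_max);

    f = fopen("/proc/self/status", "r");
    if (f && fread(buf, 1, sizeof(buf) - 1, f) > 0 &&
        parse_sigq(buf, &queued, &limit) == 0)
        printf("SigQ %lu/%lu (%d%% used)\n", queued, limit,
               sigq_percent(queued, limit));
    if (f)
        fclose(f);
    return 0;
}
```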