Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 79633

Summary: ia64 ptrace corner cases (Vendor-Sec)
Product: Gentoo Security Reporter: Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard: CONFIDENTIAL
Package list:
Runtime testing required: ---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-26 13:17:32 UTC
> Please note that this patch:
> 
>  http://lia64.bkbits.net:8080/linux-ia64-release-2.6.11/cset@41f2d1eePludGYyb1yOmGaW6Iois8Q
> 
> is a critical security fix which plugs a hole which allowed a local
> user to crash a machine (confirmed) or perhaps gain root privileges
> (unconfirmed).  In other words, please make sure your favorite distro
> doesn't miss out on this one...
> 
> Unfortunately, security issues seem to come in clusters and there is
> another one pending related to the kernel unwinder.  I'll send a
> pointer once there is a final patch.
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2005-07-26 13:27:44 UTC
Not affected on this - we don't use 2.4 on IA64 and 2.6.11 vanilla-sources and
2.6.12 gentoo-sources are stable which both aren't affected by this. Closing bug.