
Bug 88740

Summary: Kernel: sysfs_write_file() integer overflow (CAN-2005-0867)
Product: Gentoo Security
Reporter: Thierry Carrez (RETIRED) <koon>
Component: Kernel
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: security-kernel
Priority: High
Version: unspecified
Hardware: All
OS: All
Whiteboard: [linux >=2.6 < 2.6.11]
Package list:
Runtime testing required: ---
Attachments: Patch (flags: none)

Description Thierry Carrez (RETIRED) gentoo-dev 2005-04-11 09:07:02 UTC
From Ubuntu's latest:

Alexander Nyberg discovered an integer overflow in the sysfs_write_file() function. A local attacker could exploit this to crash the kernel or possibly even execute arbitrary code with root privileges by writing to a user-writable file in /sys under certain low-memory conditions. However, there are very few cases where a user-writable sysfs file actually exists. (CAN-2005-0867)
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2005-04-15 15:00:14 UTC
Created attachment 56386
Patch
Comment 2 Joshua Kinard gentoo-dev 2005-04-23 22:29:40 UTC
mips-sources fixed.
Comment 3 Daniel Drake (RETIRED) gentoo-dev 2005-04-27 13:46:49 UTC
gentoo-sources-2.6 unaffected
Comment 4 Robert Paskowitz (RETIRED) gentoo-dev 2005-05-17 16:41:14 UTC
Should be all fixed. http://kiss.gentoo.org/dev/viewBug.php?BugID=88740
Comment 5 Tim Yamin (RETIRED) gentoo-dev 2005-05-27 11:41:21 UTC
All fixed, closing bug.