| Summary: | Multiple 64-bit Local DoS (CAN-2005-{0756,1762,1764,1765}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Thierry Carrez (RETIRED) <koon> |
| Component: | Kernel | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | kang, security-kernel |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Other | | |
| Whiteboard: | [linux <2.6.11.11] | | |
| Package list: | | Runtime testing required: | --- |
Description
Thierry Carrez (RETIRED)
OK, there are more (from SuSE latest):

ptrace-canonical Local DoS issue (2.4+2.6) CAN-2005-1762
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=d1099e8a18960693c04507bdd7b9403db70bfd97

ptrace-check-segment Local DoS issue (2.4+2.6) CAN-2005-0756
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f6b8d4778c04148729cc0b0dcd335a4411c44276

syscall-page-fix Local DoS issue (2.6 only) CAN-2005-1765
diff -urNp linux-2.6.11/arch/x86_64/mm/fault.c linux-2.6.11.SUSE/arch/x86_64/mm/fault.c --- linux-2.6.11/arch/x86_64/mm/fault.c 2005-06-02 16:18:33.999340707 +0200 +++ linux-2.6.11.SUSE/arch/x86_64/mm/fault.c 2005-06-02 16:21:36.922002147 +0200 @@ -474,7 +474,7 @@ bad_area_nosemaphore: #ifdef CONFIG_IA32_EMULATION /* 32bit vsyscall. map on demand. */ - if (test_thread_flag(TIF_IA32) && + if (test_thread_flag(TIF_IA32) && ((error_code & 0x6) == 0x4) && address >= VSYSCALL32_BASE && address < VSYSCALL32_END) { if (map_syscall32(mm, address) < 0) goto out_of_memory2;

x86_64-sysret-fix Local DoS issue (2.6 only) CAN-2005-1764
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=637716a3825e186555361574aa1fa3c0ebf8018b

Non-issue for 2.4 here as Gentoo/AMD64 only uses 2.6.

(In reply to comment #1)
> ptrace-canonical Local DoS issue (2.4+2.6) CAN-2005-1762
> http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=d1099e8a18960693c04507bdd7b9403db70bfd97

This one is fixed in 2.6.11.11

CAN-2005-0756 and CAN-2005-1764 are also fixed in 2.6.11, leaving only
syscall-page-fix Local DoS issue (2.6 only) CAN-2005-1765

Fixed in genpatches 2.6.11-14

Fixed in gentoo-sources-2.6.11-r11

kang: 2.6.11 requires CAN-2005-1765 fix, see comment #1 for details.

All fixed, closing.
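
Review bot: the test `((error_code & 0x6) == 0x4)` added to the `TIF_IA32` condition in arch/x86_64/mm/fault.c uses bare hex masks, and the comment above it still reads only "32bit vsyscall. map on demand.", so nothing in the code says which faults are now excluded from the on-demand mapping. In the x86 page-fault error code, bit 1 is set for a write and bit 2 for a user-mode access, so the new test admits only user-mode, non-write faults in the `VSYSCALL32_BASE`..`VSYSCALL32_END` range. Extend the comment to say that (or use named constants for the two bits) and mention that the restriction is the CAN-2005-1765 fix, so it is not dropped in a later cleanup.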