Doug Chapman reported an error in "mm/mempolicy.c" when handling policy system calls, which could be exploited by local attackers to cause a denial of service via a "set_mempolicy" call with a 0 bitmask.
Author: Andi Kleen <firstname.lastname@example.org>
Date: Tue Jan 3 00:07:28 2006 +0100
[PATCH] Make sure interleave masks have at least one node set
Otherwise a bad mem policy system call can confuse the interleaving
code into referencing undefined nodes.
Originally reported by Doug Chapman
CCing maintainers: please either upgrade to 2.6.15 fix with the patch in the URL. Thanks.
hardened-sources-2.6: hardened herd
sh-sources-2.6: sh herd
The referenced patch only applies to 2.6.15 (at least, I've confirmed that it does not apply to 2.6.14). Due attention required in terms of backporting.
Created attachment 76773 [details, diff]
mempolicy-interleave-mask-node.patch (for 2.6.14)
Here's a backport of the patch for 2.6.14 courtesy of plasmaroo. I've had two users test this just recently and it appears to be valid.
Created attachment 76776 [details, diff]
Reference the correct bug number this time and changed to a typical "-p1" style patch.
The aformentioned patch was added to genpatches-2.6.14-9.base (the tarball of which has now been distributed on the mirrors), see http://dev.gentoo.org/~dsd/genpatches/releases-2.6.14.htm and http://dev.gentoo.org/~dsd/genpatches/trunk/2.6.14/.
Also, this is fixed in hardened-sources-2.6.14-r4.
usermode now on 2.6.15
All fixed now, closing bug.