170865 – (CVE-2007-0006) Kernel: spinlock CPU recursion (CVE-2007-0006)

Bug 170865 (CVE-2007-0006) - Kernel: spinlock CPU recursion (CVE-2007-0006)

Summary: Kernel: spinlock CPU recursion (CVE-2007-0006)

Status:	RESOLVED FIXED

Alias:	CVE-2007-0006

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://bugzilla.kernel.org/show_bug.c...
Whiteboard:	[linux < 2.6.16.42][linux >= 2.6.17 <...
Keywords:

Depends on:
Blocks:

Reported:	2007-03-14 12:53 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified:	2013-09-05 02:51 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-03-14 12:53:42 UTC

Not sure wether this is fixed in all 2.6.18 sources:

------- Additional Comment #8 From David Howells 2007-02-06 03:12 -------  
Okay... Found it: the key serial number collision avoidance code is wrong.

This didn't use to be a problem as the key serial numbers were allocated from 
a simple incremented counter, and you'd have to go through 2 billion keys 
before encountering a collision.

However, now that random numbers are used instead, collisions are much more 
likely.

Comment 1 Lubomir Rintel 2007-03-15 10:54:14 UTC

CVE-2007-0006

Comment 2 unnamedrambler 2008-03-07 19:42:26 UTC

proposed metadata:
[linux < 2.6.16.42] a0cd22f8e3a0cd4f6d8b08103629cbbc29a0c9fb
[linux >= 2.6.17 < 2.6.19.5] 76d21f587d66f8508f6448c7253e46ff1881bec9
[linux >= 2.6.20 < 2.6.20.2] dbd60d51abaf4c31f4c4b5e521745af301535447
also patched in linux 2.6.21 9ad0830f307bcd8dc285cfae58998d43b21727f4

[gp < 2.6.19-8]
[gp >= 2.6.20-1 < 2.6.20-3]