193386 – Kernel x86_64: Zero extend all registers after ptrace in 32bit entry path (CVE-2007-4573)

Bug 193386 - Kernel x86_64: Zero extend all registers after ptrace in 32bit entry path (CVE-2007-4573)

Summary: Kernel x86_64: Zero extend all registers after ptrace in 32bit entry path (CV...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://www.kernel.org/pub/linux/kerne...
Whiteboard:	[linux < 2.4.35.3][linux > 2.6 < 2.6....
Keywords:

Duplicates (2):	195501 196826 (view as bug list)
Depends on:
Blocks:

Reported:	2007-09-22 07:19 UTC by Christian Heim (RETIRED)
Modified:	2013-09-03 03:42 UTC (History)
CC List:	5 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Christian Heim (RETIRED) gentoo-dev

2007-09-22 07:19:37 UTC

x86_64: Zero extend all registers after ptrace in 32bit entry path.
    
Strictly it's only needed for eax. It actually does a little more than strictly needed -- the other registers are already zero extended.
    
Also remove the now unnecessary and non functional compat task check in ptrace.

-- genpatches provides a fix w/ 2.6.22-8 (including 2.6.22.7).

Comment 1 Christian Heim (RETIRED) gentoo-dev

2007-09-23 16:24:47 UTC

genpatches-2.6.20-17 also contains the patch.

Comment 2 Pierre-Yves Rofes (RETIRED) gentoo-dev

2007-09-26 09:37:31 UTC

unrestricting, this is public now:
http://secunia.com/advisories/26934/

Comment 3 Sven Wegener gentoo-dev

2007-10-11 14:13:16 UTC

*** Bug 195501 has been marked as a duplicate of this bug. ***

Comment 4 Robert Buchholz (RETIRED) gentoo-dev

2007-10-23 20:18:17 UTC

*** Bug 196826 has been marked as a duplicate of this bug. ***