Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 224635 (CVE-2008-2137) - Kernel: sparc/64_mmap_check DoS (CVE-2008-2137)
Summary: Kernel: sparc/64_mmap_check DoS (CVE-2008-2137)
Status: RESOLVED FIXED
Alias: CVE-2008-2137
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://git.kernel.org/git/?p=linux/ke...
Whiteboard: [linux <2.6.25.3]
Keywords:
Depends on:
Blocks:
 
Reported: 2008-06-02 17:02 UTC by Robert Buchholz (RETIRED)
Modified: 2013-09-05 03:39 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2008-06-02 17:02:24 UTC
CVE-2008-2137 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2137):
  The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the
  (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the
  Linux kernel before 2.6.25.3, omit some virtual-address range (aka span)
  checks when the mmap MAP_FIXED bit is not set, which allows local users to
  cause a denial of service (panic) via unspecified mmap calls.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-06-02 17:03:24 UTC
5816339310b2d9623cf413d33e538b45e815da5d
Comment 2 kfm 2009-07-20 18:47:53 UTC
hardened-kernel unaffected at present time. Removing alias.

PS: Anything using >=genpatches-2.6.25-4 is unaffected