Bug 255571 (CVE-2009-0029) - Kernel: <2.6.27.12 (CVE-2009-0029) Enable syscall wrappers for 64-bit
Status: RESOLVED FIXED
Alias: CVE-2009-0029
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: [linux <2.6.27.12] [linux >=2.6.28 <2...
Reported: 2009-01-19 23:45 UTC by Stefan Behte (RETIRED)
Modified: 2013-09-12 04:54 UTC
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-01-19 23:45:47 UTC
CVE-2009-0029 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0029):
  The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc,
  sparc64, and mips 64-bit platforms requires that a 32-bit argument in
  a 64-bit register was properly sign extended when sent from a
  user-mode application, but cannot verify this, which allows local
  users to cause a denial of service (crash) or possibly gain
  privileges via a crafted system call.
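
The sign-extension requirement in the description above, and the wrapper approach named in the bug title, modelled in user-space C. This is an added example, not code from the kernel patch or from this bug; `handler_index`, `TABLE_SIZE` and the register values are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define TABLE_SIZE 8   /* hypothetical table length */

/* Wrapper step: keep the low 32 bits of the raw 64-bit register and
 * sign-extend them explicitly, instead of trusting user mode to have
 * done so. Written without implementation-defined conversions. */
static int64_t sign_extend32(int64_t reg)
{
    uint32_t low = (uint32_t)reg;
    return (int64_t)(low ^ 0x80000000u) - INT64_C(0x80000000);
}

/* Hypothetical handler for an "int idx" argument. The range check looks
 * at the 32-bit value, but the value used afterwards is the whole
 * register, as compiled code may do when the ABI promises that the
 * register is already sign-extended.
 * Returns the index that would be used, or -1 if the check rejects it. */
static int64_t handler_index(int64_t reg)
{
    int32_t checked = (int32_t)sign_extend32(reg);  /* 32-bit view */
    if (checked < 0 || checked >= TABLE_SIZE)
        return -1;
    return reg;                                     /* 64-bit view */
}

/* Wrapped entry point: normalise the register, then call the handler,
 * so the 32-bit and 64-bit views can no longer disagree. */
static int64_t wrapped_handler_index(int64_t reg)
{
    return handler_index(sign_extend32(reg));
}

int main(void)
{
    /* Constructed register values, not from a real system call. */
    int64_t regs[] = { 3, INT64_C(0x100000003), INT64_C(0xFFFFFFFF) };
    for (size_t i = 0; i < sizeof regs / sizeof regs[0]; i++)
        printf("reg=0x%llx unwrapped=%lld wrapped=%lld\n",
               (unsigned long long)regs[i],
               (long long)handler_index(regs[i]),
               (long long)wrapped_handler_index(regs[i]));
    return 0;
}
```

With the upper register bits set, the unwrapped handler passes its check on the low word yet returns a value far outside the table; the wrapped path returns the checked value.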
Comment 1 kfm 2009-07-21 00:39:12 UTC
Here's the upstream patch:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=ee6a093222549ac0c72cfd296c69fa5e7d6daa34

I've corrected the Status Whiteboard. Anything using >=genpatches-2.6.27-10 is unaffected (with the sole exception of genpatches-2.6.28-1).
Comment 2 kfm 2009-07-21 00:54:59 UTC
Hmm, upon closer inspection of the official kernel.org ChangeLogs, the situation is more complex than it initially appeared. Whilst the first patch intended to address the vulnerability was added to 2.6.27.12 and 2.6.28.1, it only encompassed ppc. A similar patch for sparc was later added in 2.6.27.18 and 2.6.28.6. However, it wasn't until the release of 2.6.29 that a *slew* of further patches was added to apparently bring closure to the matter.

So, realising my mistake, I'm amending the Status Whiteboard to <2.6.29 and shall re-visit the bug later in order to figure out exactly which patches distinguish the 2.6.29 release. The prior scope was incorrect anyway as it implied that >=2.6.28 was OK.
Comment 3 kfm 2009-07-24 02:07:24 UTC
OK, I've been over the whole patch series with a fine toothcomb and was pleased to find that it was definitely resolved as of 2.6.27.12, 2.6.28.1 and 2.6.29. Amending Status Whiteboard.