Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 255571 (CVE-2009-0029) - Kernel: < (CVE-2009-0029) Enable syscall wrappers for 64-bit
Summary: Kernel: < (CVE-2009-0029) Enable syscall wrappers for 64-bit
Alias: CVE-2009-0029
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: [linux <] [linux >=2.6.28 <2...
Depends on:
Reported: 2009-01-19 23:45 UTC by Stefan Behte (RETIRED)
Modified: 2013-09-12 04:54 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-01-19 23:45:47 UTC
CVE-2009-0029 (
  The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc,
  sparc64, and mips 64-bit platforms requires that a 32-bit argument in
  a 64-bit register was properly sign extended when sent from a
  user-mode application, but cannot verify this, which allows local
  users to cause a denial of service (crash) or possibly gain
  privileges via a crafted system call.
Comment 1 kfm 2009-07-21 00:39:12 UTC
Here's the upstream patch:;a=commitdiff;h=ee6a093222549ac0c72cfd296c69fa5e7d6daa34

I've corrected the Status Whiteboard. Anything using >=genpatches-2.6.27-10 is unaffected (with the sole exception of genpatches-2.6.28-1).
Comment 2 kfm 2009-07-21 00:54:59 UTC
Hmm, upon closer inspection of the official ChangeLogs, the situation is more complex than it initially appeared. Whilst the first patch intended to address the vulnerability was added to and, it only encompassed ppc. A similar patch for sparc was later added in and However, it wasn't until the release of 2.6.29 that a *slew* of further patches was added to apparently bring closure to the matter.

So, realising my mistake, I'm amending the Status Whiteboard to <2.6.29 and shall re-visit the bug later in order to figure out exactly which patches distinguish the 2.6.29 release. The prior scope was incorrect anyway as it implied that >=2.6.28 was OK.
Comment 3 kfm 2009-07-24 02:07:24 UTC
OK, I've been over the whole patch series with a fine toothcomb and was pleased to find that it was definitely resolved as of, and 2.6.29. Amending Status Whiteboard.