Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 337659 (CVE-2010-3081) - Kernel: IA32 Emulation Stack Underflow (CVE-2010-3081)
Summary: Kernel: IA32 Emulation Stack Underflow (CVE-2010-3081)
Alias: CVE-2010-3081
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: [linux < 2.6.36-rc4-git2]
: 338025 (view as bug list)
Depends on:
Reported: 2010-09-16 14:45 UTC by Alex Legler (RETIRED)
Modified: 2013-09-15 19:54 UTC (History)
7 users (show)

See Also:
Package list:
Runtime testing required: ---

Backported patch for (,7.77 KB, patch)
2010-09-26 23:59 UTC, kfm
no flags Details | Diff
Patches cleanly against 2.6.34-r10 (2.6.34-compat-alloc.patch,6.99 KB, patch)
2010-09-27 16:30 UTC, Isaac Richter
no flags Details | Diff
2.6.34-r10 ebuild using 2.6.34-compat-alloc.patch (gentoo-sources-2.6.34-r10.ebuild,836 bytes, text/plain)
2010-09-27 16:33 UTC, Isaac Richter
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Anthony Basile gentoo-dev 2010-09-18 00:37:48 UTC
The grsec patch in hardened-sources-2.6.32-r18 and hardened-sources-2.6.34-r6
address this.
Comment 2 Matthew Thode ( prometheanfire ) archtester Gentoo Infrastructure gentoo-dev Security 2010-09-18 22:13:47 UTC
Running 2.6.34-r6 fine and stable.
Comment 3 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-09-19 11:00:51 UTC
*** Bug 338025 has been marked as a duplicate of this bug. ***
Comment 4 kfm 2010-09-26 23:59:12 UTC
Created attachment 248720 [details, diff]
Backported patch for

Applies cleanly to a stock tree.
Comment 5 Mike Pagano gentoo-dev 2010-09-27 13:39:36 UTC
Hunk #1 FAILED at 360.
1 out of 1 hunk FAILED -- saving rejects to file include/linux/compat.h.rej

We need this to apply to -r10, I will look at it tonight after work.
Comment 6 kfm 2010-09-27 13:54:54 UTC
> We need this to apply to -r10, I will look at it tonight after work.

I can't reproduce this failure ...

# ACCEPT_KEYWORDS="~amd64" emerge =gentoo-sources-2.6.34-r10
# cp -a linux-2.6.34-gentoo-r10 linux-2.6.34-gentoo-r10.orig
# cd linux-2.6.34-gentoo-r10
# patch -p1 < ../
patching file arch/ia64/include/asm/compat.h
patching file arch/mips/include/asm/compat.h
patching file arch/parisc/include/asm/compat.h
patching file arch/powerpc/include/asm/compat.h
patching file arch/s390/include/asm/compat.h
patching file arch/sparc/include/asm/compat.h
patching file arch/x86/include/asm/compat.h
patching file include/linux/compat.h
patching file kernel/compat.c


# md5sum ../
15b14e282250beec58b0298091f9a1b9  ../
Comment 7 Mike Pagano gentoo-dev 2010-09-27 13:57:09 UTC
I am using genpatches/2.6.34 right from svn. Possobly I have something in there that is not yet in r10.

I will have to look at this after work. real job first. 
Comment 8 Isaac Richter 2010-09-27 16:30:36 UTC
Created attachment 248808 [details, diff]
Patches cleanly against 2.6.34-r10

Adding patch tested to work against 2.6.34-r10
Comment 9 Isaac Richter 2010-09-27 16:33:01 UTC
Created attachment 248810 [details]
2.6.34-r10 ebuild using 2.6.34-compat-alloc.patch
Comment 10 Mike Pagano gentoo-dev 2010-09-28 01:18:15 UTC
Released in gentoo-sources-2.6.34-r11.
Comment 11 kfm 2010-09-28 12:36:53 UTC
For anyone who is concerned that they may have been exposed and subsequently exploited, here is a tool from Ksplice which checks for known backdoors:
Comment 12 Stefan Behte (RETIRED) gentoo-dev Security 2010-10-07 21:39:13 UTC
Please consult the gentoo linux vulnerability treatment guide if you have further questions regarding the severity, before changing it.
Comment 13 kfm 2010-10-07 22:43:01 UTC
I read it and am unable to fathom how the evaulation can be determined as anything other than A1 (critical) ...

A = System/Common Package
1 = Local privilege escalation: flaw allowing root compromise when you have local access