Comment 1 Anthony Basile 2010-09-18 00:37:48 UTC

The grsec patch in hardened-sources-2.6.32-r18 and hardened-sources-2.6.34-r6
address this.

Comment 2 Matthew Thode ( prometheanfire ) 2010-09-18 22:13:47 UTC

Running 2.6.34-r6 fine and stable.

Comment 3 Alex Legler (RETIRED) 2010-09-19 11:00:51 UTC

*** Bug 338025 has been marked as a duplicate of this bug. ***

Created attachment 248720 [details, diff]
Backported patch for 2.6.34.7

Applies cleanly to a stock 2.6.34.7 tree.

Comment 5 Mike Pagano 2010-09-27 13:39:36 UTC

Hunk #1 FAILED at 360.
1 out of 1 hunk FAILED -- saving rejects to file include/linux/compat.h.rej

We need this to apply to -r10, I will look at it tonight after work.

> We need this to apply to -r10, I will look at it tonight after work.

I can't reproduce this failure ...

# ACCEPT_KEYWORDS="~amd64" emerge =gentoo-sources-2.6.34-r10
# cp -a linux-2.6.34-gentoo-r10 linux-2.6.34-gentoo-r10.orig
# cd linux-2.6.34-gentoo-r10
# patch -p1 < ../2.6.34.7_compat_alloc_user_space-incorporate-access_ok.patch
patching file arch/ia64/include/asm/compat.h
patching file arch/mips/include/asm/compat.h
patching file arch/parisc/include/asm/compat.h
patching file arch/powerpc/include/asm/compat.h
patching file arch/s390/include/asm/compat.h
patching file arch/sparc/include/asm/compat.h
patching file arch/x86/include/asm/compat.h
patching file include/linux/compat.h
patching file kernel/compat.c

Also:

# md5sum ../2.6.34.7_compat_alloc_user_space-incorporate-access_ok.patch
15b14e282250beec58b0298091f9a1b9  ../2.6.34.7_compat_alloc_user_space-incorporate-access_ok.patch

Comment 7 Mike Pagano 2010-09-27 13:57:09 UTC

I am using genpatches/2.6.34 right from svn. Possobly I have something in there that is not yet in r10.

I will have to look at this after work. real job first. 

Created attachment 248808 [details, diff]
Patches cleanly against 2.6.34-r10

Adding patch tested to work against 2.6.34-r10

Created attachment 248810 [details]
2.6.34-r10 ebuild using 2.6.34-compat-alloc.patch

Comment 10 Mike Pagano 2010-09-28 01:18:15 UTC

Released in gentoo-sources-2.6.34-r11.

For anyone who is concerned that they may have been exposed and subsequently exploited, here is a tool from Ksplice which checks for known backdoors:

http://www.ksplice.com/uptrack/cve-2010-3081

Comment 12 Stefan Behte (RETIRED) 2010-10-07 21:39:13 UTC

Please consult the gentoo linux vulnerability treatment guide if you have further questions regarding the severity, before changing it.

I read it and am unable to fathom how the evaulation can be determined as anything other than A1 (critical) ...

A = System/Common Package
1 = Local privilege escalation: flaw allowing root compromise when you have local access