214184 – (CVE-2007-3731) kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (CVE-2007-3731)

Bug 214184 (CVE-2007-3731) - kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (CVE-2007-3731)

Summary: kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment sele...

Status:	RESOLVED FIXED

Alias:	CVE-2007-3731

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://www.debian.org/security/2007/d...
Whiteboard:	[linux < 2.6.22.19][genpatches < 2.6....
Keywords:

Duplicates (1):	194075 (view as bug list)
Depends on:
Blocks:

Reported:	2008-03-21 23:26 UTC by unnamedrambler
Modified:	2013-09-05 02:57 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description unnamedrambler 2008-03-21 23:26:33 UTC

+++ This bug was initially created as a clone of Bug #194075 +++

CVE-2007-3731:
  The Linux kernel 2.6.20 and 2.6.21 does not properly handle an
  invalid LDT segment selector in %cs (the xcs field) during ptrace
  single-step operations, which allows local users to cause a denial
  of service (NULL dereference and OOPS) via certain code that makes
  ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to
  the TRACE_IRQS_ON function, and possibly related to the arch_ptrace
  function.

Comment 1 unnamedrambler 2008-03-21 23:59:20 UTC

*** Bug 194075 has been marked as a duplicate of this bug. ***