Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 212137 (CVE-2008-0007) - Linux < 2.6.22.17 vm audit: add VM_DONTEXPAND to mmap for drivers that need it (CVE-2008-0007)
Summary: Linux < 2.6.22.17 vm audit: add VM_DONTEXPAND to mmap for drivers that need i...
Status: RESOLVED FIXED
Alias: CVE-2008-0007
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: [linux < 2.6.22.17][linux >= 2.6.23 <...
Keywords:
: 385889 (view as bug list)
Depends on:
Blocks:
 
Reported: 2008-03-03 01:16 UTC by Robert Buchholz (RETIRED)
Modified: 2016-06-06 11:04 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2008-03-03 01:16:31 UTC
CVE-2008-0007 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0007):
  Linux kernel before 2.6.22.17, when using certain drivers that register a
  fault handler that does not perform range checks, allows local users to
  access kernel memory via an out-of-range offset.
Comment 1 unnamedrambler 2008-03-21 18:35:10 UTC
[linux < 2.6.22.17] 83af8eda68a3f0c227d0eb05348e58ae27a62e7e
[linux >= 2.6.23 < 2.6.23.15] d4dd8e3a7287146e479c77e0456eaa315875972a
[linux >= 2.6.24 < 2.6.24.1] f5871b9016c0ebce8acc58f7a230adcb9bd89577

[gp < 2.6.23-8]
[gp >= 2.6.24-1 < 2.6.24-2] 
Comment 2 Michael Harrison 2012-01-31 10:34:29 UTC
*** Bug 385889 has been marked as a duplicate of this bug. ***
Comment 3 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2016-06-06 11:04:06 UTC
None of these kernels have been in the tree for many years.