[kernel-sec-discuss] r1315 - active

jmm at alioth.debian.org jmm at alioth.debian.org
Fri Mar 20 15:11:52 UTC 2009


Author: jmm
Date: 2009-03-20 15:11:52 +0000 (Fri, 20 Mar 2009)
New Revision: 1315

Modified:
   active/CVE-2008-6107
   active/CVE-2009-0028
Log:
updates


Modified: active/CVE-2008-6107
===================================================================
--- active/CVE-2008-6107	2009-03-20 14:59:11 UTC (rev 1314)
+++ active/CVE-2008-6107	2009-03-20 15:11:52 UTC (rev 1315)
@@ -1,6 +1,14 @@
 Candidate: CVE-2008-6107
 Description:
+ The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the
+ (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the
+ (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in
+ the Linux kernel before 2.6.25.4, omit some virtual-address range (aka
+ span) checks when the mremap MREMAP_FIXED bit is not set, which allows
+ local users to cause a denial of service (panic) via unspecified mremap
+ calls, a related issue to CVE-2008-2137. 
 References:
+ http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.4 
  http://marc.info/?l=linux-kernel&m=121071103304610&w=2
  94d149c34cda933ff5096aca94bb23bf68602f4e
 Ubuntu-Description:

Modified: active/CVE-2009-0028
===================================================================
--- active/CVE-2009-0028	2009-03-20 14:59:11 UTC (rev 1314)
+++ active/CVE-2009-0028	2009-03-20 15:11:52 UTC (rev 1315)
@@ -5,6 +5,10 @@
  child process by launching an additional child process with the CLONE_PARENT
  flag, and then letting this new process exit. 
 References:
+ http://scary.beasts.org/security/CESA-2009-002.html
+ http://scarybeastsecurity.blogspot.com/2009/02/linux-kernel-minor-signal-vulnerability.html
+ https://bugzilla.redhat.com/show_bug.cgi?id=479932
+ http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html 
  2d5516cbb9d
 Ubuntu-Description:
 Notes:




More information about the kernel-sec-discuss mailing list