|Summary:||RLIMIT_MEMLOCK bypass and (2.6) unprivileged user DoS|
|Product:||[Fedora] Fedora||Reporter:||Josh Bressers <bressers>|
|Component:||kernel||Assignee:||Dave Jones <davej>|
|Status:||CLOSED ERRATA||QA Contact:||Brian Brock <bbrock>|
|Version:||3||CC:||pfrields, riel, wtogami|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2005-01-11 02:56:11 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Josh Bressers 2005-01-07 22:13:52 UTC
*** This bug has been split off bug 144524 *** ------- Original comment by Josh Bressers (Security Response Team) on 2005.01.07 17:08 ------- This was reported by grsecurity to full-disclosure http://lists.netsys.com/pipermail/full-disclosure/2005-January/030660.html the 'culprit' patch is how the default RLIM_MEMLOCK and the privilege to call mlockall have changed in 2.6.9. namely, the former has been reduced to 32 pages while the latter has been relaxed to allow it for otherwise unprivileged users if their RLIM_MEMLOCK is bigger than the currently allocated vm. which is normally good enough, except as you now know there's a path that can increase the allocated vm without checking for RLIM_MEMLOCK. The fix for this issue is attachment 109501 [details]
Comment 1 Josh Bressers 2005-01-07 22:15:30 UTC
This issue should also affect FC2.
Comment 2 Dave Jones 2005-01-11 02:56:11 UTC
fixed in todays updates.