Bug 152411
| Summary: | CAN-2005-0749 load_elf_library possible DoS | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 3 | Reporter: | Mark J. Cox <mjc> | ||||
| Component: | kernel | Assignee: | Ernie Petrides <petrides> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Brian Brock <bbrock> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 3.0 | CC: | anderson, jbaron, jparadis, peterm, petrides, riel | ||||
| Target Milestone: | --- | Keywords: | Security | ||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | impact=important,public=20050318,source=vendorsec,reported=20050318 | ||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2005-04-22 20:17:39 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 112695 [details]
proposed fix for load_elf_library()
The patch above was posted for review on 4-Apr-2005.
A fix for this problem has just been committed to the RHEL3 E5 patch pool this evening (in kernel version 2.4.21-27.0.3.EL). A fix for this problem has also been committed to the RHEL3 U5 patch pool this evening (in kernel version 2.4.21-32.EL). An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-293.html An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-294.html |
A flaw when freeing a pointer in load_elf_library was discovered. A local user could potentially use this flaw to cause a denial of service (crash). See discussion at: http://www.uwsg.iu.edu/hypermail/linux/kernel/0503.2/0603.html Fixed upstream (note important 2nd fix for 2.4) fixed=2.6 (20050325 http://linux.bkbits.net:8080/linux-2.6/cset@4244bffczprEXYXBhd4oTqo8WoMTGQ fixed=2.4 (20050325 http://linux.bkbits.net:8080/linux-2.4/cset@4244930dPN44h62CZtM0P-qXoOI-7A fixed=2.4 (20050326 http://linux.bkbits.net:8080/linux-2.4/cset@424581efkFnFr5llhjjaiNnTmuS88Q