Bug 431206 (CVE-2008-0009)

Summary: CVE-2008-0009 kernel: Inappropriate dereference of user-supplied memory pointers
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: anton, bojan, dhoward, dzickus, kreilly, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-02-10 16:42:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 431209, 431210, 432229    
Bug Blocks:    

Description Jan Lieskovsky 2008-02-01 15:17:48 UTC 
Description of problem:

A new system call named vmsplice() was introduced in the 2.6.17
release of the Linux kernel. 

Inappropriate dereference of user-supplied memory pointers in the
code beginning at line 1378 in the vmsplice_to_user() kernel
function (fs/splice.c):

The patch for this issue not provided by the reporter.
Comment 11 Mark J. Cox 2008-02-10 13:38:30 UTC 
see bug #432251
Comment 13 Mark J. Cox 2008-02-10 16:42:11 UTC 
There was a bit of confusion as the code changed since introduction 2.6.17, so
Red Hat Enterprise Linux kernels had code different to upstream.

CVE-2008-0009 and CVE-2008-0010 only affected kernels 2.6.22+ so Red Hat
Enterprise Linux was not affected

CVE-2008-0600 affected kernels 2.6.17+ so affects Red Hat Enterprise Linux 5. 
Closing this CVE-2008-0009 bug as it doesn't affect RHEL.