Bug 517830 (CVE-2009-2695)
Summary: | CVE-2009-2695 kernel: SELinux and mmap_min_addr | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Eugene Teo (Security Response) <eteo> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | bhu, dhoward, eparis, esammons, jmorris, jpirko, jskrabal, lgoncalv, lwang, maurizio, mjc, vadim.ratinov, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-12-21 18:07:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 511143, 518141, 518142, 518143, 531703, 531718, 537285 | ||
Bug Blocks: |
Description
Eugene Teo (Security Response)
2009-08-17 12:28:34 UTC
CVE-2009-2695: A system with SELinux enabled with the default targeted policy is more permissive for unconfined domains, allowing local users to map low memory areas even if mmap_min_addr protection is enabled. This could allow the exploitation of NULL pointer dereference flaws. Upstream commits: http://git.kernel.org/linus/9c0d90103c7e0eb6e638e5b649e9f6d8d9c1b4b3 http://git.kernel.org/linus/8cf948e744e0218af604c32edecde10006dc8e9e http://git.kernel.org/linus/788084aba2ab7348257597496befcbccabdc98a3 http://git.kernel.org/linus/1d9959734a1949ea4f2427bd2d8b21ede6b2441c kernel-2.6.29.6-217.2.16.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in following products: MRG for RHEL-5 Via RHSA-2009:1540 https://rhn.redhat.com/errata/RHSA-2009-1540.html This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:1548 https://rhn.redhat.com/errata/RHSA-2009-1548.html This issue has been addressed in following products: Red Hat Enterprise Linux 5.3.Z - Server Only Via RHSA-2009:1587 https://rhn.redhat.com/errata/RHSA-2009-1587.html This issue has been addressed in following products: Red Hat Enterprise Linux 5.2 Z Stream Via RHSA-2009:1672 https://rhn.redhat.com/errata/RHSA-2009-1672.html |