Bug 912898 (CVE-2013-0309)

Summary: CVE-2013-0309 kernel: mm: thp: pmd_present and PROT_NONE local DoS
Product: [Other] Security Response
Reporter: Petr Matousek <pmatouse>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
QA Contact:
Severity: medium
Docs Contact:
Priority: medium
Version: unspecified
CC: agordeev, anton, bhu, davej, dhoward, fhrbata, gansalmon, iboverma, itamar, jforbes, jkacur, jneedle, jonathan, jrusnack, jwboyer, kernel-maint, kernel-mgr, lgoncalv, lwang, madhu.chinakonda, mcressma, npajkovs, plougher, rt-maint, rvrbovsk, sforsber, williams
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Whiteboard: impact=moderate,public=20130219,reported=20130219,source=redhat,cvss2=4.7/AV:L/AC:M/Au:N/C:N/I:N/A:C,rhel-5/kernel=notaffected,rhel-6/kernel=affected,mrg-2/realtime-kernel=notaffected,fedora-all/kernel=notaffected
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-05-08 14:41:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Bug Depends On: 858385
Bug Blocks:

Description Petr Matousek 2013-02-19 18:53:15 EST
Most VM places are using pmd_none but a few are still using pmd_present. The meaning is about the same for the pmd. However pmd_present would return the wrong value on PROT_NONE ranges. When the code using pmd_present gets a false negative, the kernel will crash. An unprivileged local user could use this flaw to crash the system.

Upstream fix:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=027ef6c8
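
Added example, not part of the bug report or the kernel source: a user-space model of the pmd_none / pmd_present disagreement on a PROT_NONE range that the description refers to. The flag bit positions and the two `pmd_present` forms are assumptions based on the x86 kernel headers and the upstream fix, and the sample entries are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed x86 page-table flag bits (from the kernel's x86 headers, not from this page). */
#define PAGE_PRESENT  (1ULL << 0)
#define PAGE_RW       (1ULL << 1)
#define PAGE_PSE      (1ULL << 7)  /* entry maps a huge page */
#define PAGE_PROTNONE (1ULL << 8)  /* PROT_NONE mapping: PRESENT is cleared, this bit is set */

typedef uint64_t pmdval_t;

/* An empty slot is all zeroes. */
int pmd_none(pmdval_t v) { return v == 0; }

/* Assumed pre-fix form: looks at the hardware present bit only. */
int pmd_present_old(pmdval_t v) { return (v & PAGE_PRESENT) != 0; }

/* Assumed post-fix form: PROT_NONE and huge entries also count as present. */
int pmd_present_fixed(pmdval_t v)
{
    return (v & (PAGE_PRESENT | PAGE_PROTNONE | PAGE_PSE)) != 0;
}

/* False negative: the slot is populated, yet the predicate reports it absent. */
int false_negative(pmdval_t v, int (*present)(pmdval_t))
{
    return !pmd_none(v) && !present(v);
}

/* Constructed sample entries; the address bits are arbitrary. */
const pmdval_t PMD_EMPTY         = 0;
const pmdval_t PMD_TABLE         = 0x1000ULL   | PAGE_PRESENT | PAGE_RW;
const pmdval_t PMD_HUGE          = 0x200000ULL | PAGE_PRESENT | PAGE_RW | PAGE_PSE;
const pmdval_t PMD_HUGE_PROTNONE = 0x200000ULL | PAGE_PSE | PAGE_PROTNONE;

int main(void)
{
    const pmdval_t samples[] = { PMD_EMPTY, PMD_TABLE, PMD_HUGE, PMD_HUGE_PROTNONE };
    const char *names[] = { "empty", "page table", "huge", "huge PROT_NONE" };

    for (int i = 0; i < 4; i++)
        printf("%-15s none=%d old=%d fixed=%d false_negative(old)=%d\n",
               names[i], pmd_none(samples[i]), pmd_present_old(samples[i]),
               pmd_present_fixed(samples[i]),
               false_negative(samples[i], pmd_present_old));
    return 0;
}
```

Only the huge PROT_NONE entry separates the two predicates: `pmd_none` says the slot is populated while the present-bit-only check says it is not.
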
Comment 1 Petr Matousek 2013-02-19 19:49:02 EST
Statement:

This issue did affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 6.

This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.
Comment 2 errata-xmlrpc 2013-02-21 02:02:34 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:0496 https://rhn.redhat.com/errata/RHSA-2013-0496.html