Red Hat Bugzilla – Bug 115820
CAN-2004-0077 Linux kernel do_mremap VMA limit local privilege escalation
Last modified: 2007-11-30 17:07:00 EST
Paul Starzetz discovered a flaw in return value checking in mremap()
in the Linux kernel versions 2.4.24 and previous that may allow a
local attacker to gain root privileges. No exploit is currently
available; however this issue may be exploitable.
Embargoed until Feb18
The fix for this problem was committed to the RHEL3 U2 patch pool
on 9-Feb-2004, and has been available internally with the build of
kernel version 2.4.21-9.6.EL.
This problem was also fixed in kernel version 2.4.21-9.0.1.EL, which
was just released today on RHN as errata advisory RHSA-2004:066.