*** This bug has been split off bug 144519 *** ------- Original comment by Josh Bressers (Security Response Team) on 2005.01.07 16:47 ------- grsecurity announcement to full-disclosure http://lists.netsys.com/pipermail/full-disclosure/2005-January/030660.html It would seem that user input controlls the integers being overflowed. It looks like a malicious user should be able to alter kernel memory. The fix for this issue is in attachment 109500 [details]
This issue does not affect the 2.4 kernel. I copied the wrong text when I filed this. I'm just closing it.