Bug 148863 - CAN-2005-0136 ptrace corner cases on ia64
Summary: CAN-2005-0136 ptrace corner cases on ia64
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: kernel
Version: 2.1
Hardware: ia64
OS: Linux
medium
high
Target Milestone: ---
Assignee: Jim Paradis
QA Contact: Brian Brock
URL:
Whiteboard: impact=important,embargo=20050311,rep...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-02-16 13:56 UTC by Mark J. Cox
Modified: 2007-11-30 22:06 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-06-14 22:20:54 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
test cast to reproduce issue. (20.00 KB, application/octet-stream)
2005-04-18 19:12 UTC, Neil Horman 		no flags Details
View All

Description Mark J. Cox 2005-02-16 13:56:43 UTC 
*** This bug has been split off bug 148862 ***

------- Original comment by Mark J. Cox (Security Response Team) on 2005.02.16
08:52 -------

Read the description of this issue at 
http://www.gelato.unsw.edu.au/linux-ia64/0409/11073.html

A patch for 2.6 was committed:
http://lia64.bkbits.net:8080/linux-ia64-release-2.6.11/cset@41f2d1eePludGYyb1yOmGaW6Iois8Q

Impact looks like it is a unprivileged DoS at least, possibly more.

Currently embargoed, no date set.
Comment 1 Mark J. Cox 2005-03-16 10:43:14 UTC 
public, removing embargo
Comment 2 Neil Horman 2005-04-18 19:12:02 UTC 
Created attachment 113339 [details]
test cast to reproduce issue.

test case passed from intel to recreate this problem
Comment 3 Jim Paradis 2005-06-14 22:20:54 UTC 
This is not an issue on AS2.1/ia64 because the mechanisms described
(syscall_trace_enter/syscall_trace_leave) are not implemented there.  The only
calls to syscall_trace are through an assembly-language wrapper
(invoke_syscall_trace) that does the proper preservation of arg registers.
Note You need to log in before you can comment on or make changes to this bug.