*** This bug has been split off bug 148862 ***

------- Original comment by Mark J. Cox (Security Response Team) on 2005.02.16 08:52 -------

Read the description of this issue at
http://www.gelato.unsw.edu.au/linux-ia64/0409/11073.html

A patch for 2.6 was committed:
http://lia64.bkbits.net:8080/linux-ia64-release-2.6.11/cset@41f2d1eePludGYyb1yOmGaW6Iois8Q

Impact looks like it is an unprivileged DoS at least, possibly more.

Currently embargoed, no date set.
public, removing embargo
Created attachment 113339
test case to reproduce issue.

Test case passed from Intel to recreate this problem.
This is not an issue on AS2.1/ia64 because the mechanisms described (syscall_trace_enter/syscall_trace_leave) are not implemented there. The only calls to syscall_trace are through an assembly-language wrapper (invoke_syscall_trace) that does the proper preservation of arg registers.