A flaw when freeing a pointer in load_elf_library was discovered. A local user could potentially use this flaw to cause a denial of service (crash). See discussion at: http://www.uwsg.iu.edu/hypermail/linux/kernel/0503.2/0603.html Fixed upstream (note important 2nd fix for 2.4) fixed=2.6 (20050325 http://linux.bkbits.net:8080/linux-2.6/cset@4244bffczprEXYXBhd4oTqo8WoMTGQ fixed=2.4 (20050325 http://linux.bkbits.net:8080/linux-2.4/cset@4244930dPN44h62CZtM0P-qXoOI-7A fixed=2.4 (20050326 http://linux.bkbits.net:8080/linux-2.4/cset@424581efkFnFr5llhjjaiNnTmuS88Q
Oops, I reassigned the wrong bug. Attempting to revert (but state is now ASSIGNED).
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-366.html