commit 0dba0f6b382bf360a1974fd78538273478dfc784 tree 99fca29bf28dcd04c93b43b7575aaa00f5794288 parent 3c1e09e173e5fec7535a3795c4bc7870c8026ff3 author Hugh Dickins <hugh> Tue, 25 Apr 2006 20:05:59 +0100 committer Marcelo Tosatti <marcelo> Thu, 27 Apr 2006 02:48:15 -0300 [PATCH] fix shm mprotect (CVE-2006-1524) shmat stop mprotect from giving write permission to a readonly attachment. Signed-off-by: Hugh Dickins <hugh> ipc/shm.c | 2 ++ 1 files changed, 2 insertions(+) diff --git a/ipc/shm.c b/ipc/shm.c index 1df0577..36cb09a 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -161,6 +161,8 @@ static int shm_mmap(struct file * file, { UPDATE_ATIME(file->f_dentry->d_inode); vma->vm_ops = &shm_vm_ops; + if (!(vma->vm_flags & VM_WRITE)) + vma->vm_flags &= ~VM_MAYWRITE; shm_inc(file->f_dentry->d_inode->i_ino); return 0; } - To unsubscribe from this list: send the line "unsubscribe git-commits-24" in the body of a message to majordomo.org More majordomo info at http://vger.kernel.org/majordomo-info.html -- Scanned by ClamAV - http://www.clamav.net
Created attachment 128305 [details] patch file for CVE-2006-1524 I've included the patch from upstream. --James
*** This bug has been marked as a duplicate of 200034 ***