Bug 190082 - [PATCH] shm mprotect (CVE-2006-1524)
[PATCH] shm mprotect (CVE-2006-1524)
Status: CLOSED DUPLICATE of bug 200034
Product: Fedora Legacy
Classification: Retired
Component: kernel (Show other bugs)
unspecified
All Linux
medium Severity high
: ---
: ---
Assigned To: Fedora Legacy Bugs
http://www.kernel.org/git/?p=linux/ke...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-04-27 08:39 EDT by James Kosin
Modified: 2007-04-18 13:42 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-07-24 18:22:22 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch file for CVE-2006-1524 (733 bytes, patch)
2006-04-27 08:42 EDT, James Kosin
no flags Details | Diff

  None (edit)
Description James Kosin 2006-04-27 08:39:55 EDT
commit 0dba0f6b382bf360a1974fd78538273478dfc784
tree 99fca29bf28dcd04c93b43b7575aaa00f5794288
parent 3c1e09e173e5fec7535a3795c4bc7870c8026ff3
author Hugh Dickins <hugh@veritas.com> Tue, 25 Apr 2006 20:05:59 +0100
committer Marcelo Tosatti <marcelo@dmt.cnet> Thu, 27 Apr 2006 02:48:15 -0300

[PATCH] fix shm mprotect (CVE-2006-1524)

shmat stop mprotect from giving write permission to a readonly attachment.

Signed-off-by: Hugh Dickins <hugh@veritas.com>

 ipc/shm.c |    2 ++
 1 files changed, 2 insertions(+)

diff --git a/ipc/shm.c b/ipc/shm.c
index 1df0577..36cb09a 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -161,6 +161,8 @@ static int shm_mmap(struct file * file, 
 {
 	UPDATE_ATIME(file->f_dentry->d_inode);
 	vma->vm_ops = &shm_vm_ops;
+	if (!(vma->vm_flags & VM_WRITE))
+		vma->vm_flags &= ~VM_MAYWRITE;
 	shm_inc(file->f_dentry->d_inode->i_ino);
 	return 0;
 }
-
To unsubscribe from this list: send the line "unsubscribe git-commits-24" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
-- Scanned by ClamAV - http://www.clamav.net
Comment 1 James Kosin 2006-04-27 08:42:29 EDT
Created attachment 128305 [details]
patch file for CVE-2006-1524

I've included the patch from upstream.
--James
Comment 2 Marc Deslauriers 2006-07-24 18:22:22 EDT

*** This bug has been marked as a duplicate of 200034 ***

Note You need to log in before you can comment on or make changes to this bug.