289151 – (CVE-2006-4538) CVE-2006-4538 kernel: Local DoS with corrupted ELF

Bug 289151 (CVE-2006-4538) - CVE-2006-4538 kernel: Local DoS with corrupted ELF

Summary: CVE-2006-4538 kernel: Local DoS with corrupted ELF

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2006-4538
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	205335 289161 289171
Blocks:
TreeView+	depends on / blocked

Reported:	2007-09-13 12:01 UTC by Mark J. Cox
Modified:	2019-09-29 12:21 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-09-28 23:12:27 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2007:1049	0	normal	SHIPPED_LIVE	Important: kernel security and bug fix update	2007-12-03 15:37:55 UTC
Red Hat Product Errata	RHSA-2008:0787	0	normal	SHIPPED_LIVE	Important: kernel security update	2009-01-05 07:08:54 UTC

Description Mark J. Cox 2007-09-13 12:01:42 UTC

Already fixed for RHEL4, but not for RHEL3/2.1-ia64.  See bz#205335 for
EL4 reproducer.

From Kirill Korotaev:

When running on IA64 or SPARC platforms, local users can cause a denial of
service via a malformed ELF file and then triggered by cross-region mappings.

http://lkml.org/lkml/2006/9/4/116

Comment 3 Kurt Seifried 2011-09-28 23:12:27 UTC

This issue has been addressed in following products:

  Red Hat Linux Enterprise 2.1
  Red Hat Linux Enterprise 3
  
Via RHSA-2007:1049 available at https://rhn.redhat.com/errata/RHSA-2007-1049.html and RHSA-2008:0787 available at https://rhn.redhat.com/errata/RHSA-2008-0787.html

Note You need to log in before you can comment on or make changes to this bug.