Description of problem: There is a bug in set_tssldt_descriptor routine that when it is called, it will use a size larger than (entries * LDT_ENTRY_SIZE - 1), resulting in an unintended miscalculation of the ldt limits. Version-Release number of selected component (if applicable): It only affects 2.6.25-based kernel releases. Additional info: RHEL kernels are not affected by this. Filing this for Fedora kernels.
Proposed upstream patch: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=5ac37f87ff18843aabab84cf75b2f8504c2d81fe
Created attachment 311797 [details] Upstream patch for this issue
cvs already merged up to 2.6.25.11, update should be going out soon.
F8 and F9 updates are released.
This issue was addressed in: Fedora: https://admin.fedoraproject.org/updates/F8/FEDORA-2008-6613 https://admin.fedoraproject.org/updates/F9/FEDORA-2008-6634