+++ This bug was initially created as a clone of Bug #460857 +++ Description of problem: Eugene Teo discovered that range_is_allowed() check is only added in {read,write}_mem(). It is possible for an illegitimate application to bypass these checks, and access /dev/mem beyond the 1M limit by calling mmap_mem() instead. --- Additional comment from eteo on 2008-09-02 00:07:32 EDT --- This appears to be fixed in upstream since commit e2beb3eae.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
Closing this BZ. We do not have a business case for 4.5.z backport.