Red Hat Bugzilla – Bug 466707
CVE-2008-4554 kernel: don't allow splice() to files opened with O_APPEND
Last modified: 2010-12-21 12:47:56 EST
Description of problem:
Miklos Szeredi reported that splice() to files opened with O_APPEND are ignored, which allows users to bypass the append-only restriction.
Proposed upstream patch:
Created attachment 320167 [details]
Upstream patch for this issue
Created attachment 320170 [details]
Proposed backport patch for realtime kernel
MRG: patch added to kernel -85
kernel-126.96.36.199-49.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This was addressed via:
Red Hat Enterprise Linux version 5 (RHSA-2008:1017)
MRG Realtime for RHEL 5 Server (RHSA-2009:0009)