Bug 289151 (CVE-2006-4538) - CVE-2006-4538 kernel: Local DoS with corrupted ELF
Summary: CVE-2006-4538 kernel: Local DoS with corrupted ELF
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2006-4538
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 205335 289161 289171
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-09-13 12:01 UTC by Mark J. Cox
Modified: 2019-09-29 12:21 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-09-28 23:12:27 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2007:1049 0 normal SHIPPED_LIVE Important: kernel security and bug fix update 2007-12-03 15:37:55 UTC
Red Hat Product Errata RHSA-2008:0787 0 normal SHIPPED_LIVE Important: kernel security update 2009-01-05 07:08:54 UTC

Description Mark J. Cox 2007-09-13 12:01:42 UTC
Already fixed for RHEL4, but not for RHEL3/2.1-ia64.  See bz#205335 for
EL4 reproducer.

From Kirill Korotaev:

When running on IA64 or SPARC platforms, local users can cause a denial of
service via a malformed ELF file and then triggered by cross-region mappings.

http://lkml.org/lkml/2006/9/4/116

Comment 3 Kurt Seifried 2011-09-28 23:12:27 UTC
This issue has been addressed in following products:

  Red Hat Linux Enterprise 2.1
  Red Hat Linux Enterprise 3
  
Via RHSA-2007:1049 available at https://rhn.redhat.com/errata/RHSA-2007-1049.html and RHSA-2008:0787 available at https://rhn.redhat.com/errata/RHSA-2008-0787.html


Note You need to log in before you can comment on or make changes to this bug.