Description of problem: Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects (vDSO) implementation. This could allow a local unprivileged user to cause a denial of service or privilege escalation.
Proposed upstream patch: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7d91d531900bfa1165d445390b3b13a8013f98f7 The patch should fix both the i386 and the x86_64/ia32 bits.
Created attachment 322397 [details] Upstream patch for this issue
Created attachment 322399 [details] Proposed backported patch
This was addressed via: Red Hat Enterprise Linux version 5 (RHSA-2008:0957)