Bug#308584: kernel-source-2.4.27: missing sysctl slot for ia64 results in local DoS

Wed, 11 May 2005 02:40:35 -0700 

Package: kernel-source-2.4.27
Version: 2.4.27-10
Severity: important
Tags: patch, security, pending


I got this from Moritz Muehlenhoff <[EMAIL PROTECTED]>:

   http://www.redhat.com/support/errata/RHSA-2005-284.html This is
   CAN-2005-0137 : Linux kernel 2.6 on Itanium (ia64) architectures
   allows local users to cause a denial of service via a "missing
   Itanium syscall table entry."

On investigation I found that 

   2.4.27 is vulnerable to this. 2.6.8 and 2.6.11 are not.
   The bug has been fixed upstream for both 2.4 and 2.6 and
   I have put a this patch into SVN for 2.4.27

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11-1-686
Locale: LANG=ja_JP.eucJP, LC_CTYPE=ja_JP.eucJP (charmap=EUC-JP) (ignored: 
LC_ALL set to ja_JP.eucJP)

Versions of packages kernel-source-2.4.27 depends on:
ii  binutils                      2.15-5     The GNU assembler, linker and bina
ii  bzip2                         1.0.2-5    high-quality block-sorting file co
ii  coreutils [fileutils]         5.2.1-2    The GNU core utilities
ii  fileutils                     5.2.1-2    The GNU file management utilities 

-- no debconf information

# origin: bjorn.helgaas (BitKeeper)
# cset: 1.1461 (2.4) key=42336f56oUNh6k9KKMFrbmGgsap8yQ
# URL: http://linux.bkbits.net:8080/linux-2.4/[EMAIL PROTECTED]
# inclusion: upstream
# descrition: ia64: add missing syscall-slot.
# revision date: Wed, 11 May 2005 18:18:46 +0900
#
# S rset: ChangeSet|1.1460..1.1461
# I rset: arch/ia64/kernel/entry.S|1.15..1.16
#
# Key:
# S: Skipped  ChangeSet file only
# O: Original Followed by Updated
# U: Updated  Included with updated range of versions
# I: Included Included verbatim
# E: Excluded Excluded on request from user
# D: Deleted  Manually deleted by subsequent user edit
# R: Revised  Manually revised by subsequent user edit
#
#
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
#   2005/03/12 15:38:14-07:00 [EMAIL PROTECTED] 
#   ia64: add missing syscall-slot.
# 
# arch/ia64/kernel/entry.S
#   2005/03/12 15:27:20-07:00 [EMAIL PROTECTED] +1 -0
#   Add missing syscall-slot.
# 
#
===== arch/ia64/kernel/entry.S 1.15 vs 1.16 =====
--- 1.15/arch/ia64/kernel/entry.S       2003-07-30 22:33:09 +09:00
+++ 1.16/arch/ia64/kernel/entry.S       2005-03-13 07:27:20 +09:00
@@ -1443,3 +1443,4 @@ sys_call_table:
        data8 ia64_ni_syscall
        data8 ia64_ni_syscall
        data8 ia64_ni_syscall
+       data8 ia64_ni_syscall

Reply via email to