Bug#308584: kernel-source-2.4.27: missing sysctl slot for ia64 results in local DoS
On Mon, 2005-05-30 at 00:22 -0600, dann frazier wrote:
> On Wed, 2005-05-11 at 18:30 +0900, Horms wrote:
> > Package: kernel-source-2.4.27
> > Version: 2.4.27-10
> > Severity: important
> > Tags: patch, security, pending
> >
> >
> > I got this from Moritz Muehlenhoff <jmm@inutil.org>:
> >
> > http://www.redhat.com/support/errata/RHSA-2005-284.html This is
> > CAN-2005-0137 : Linux kernel 2.6 on Itanium (ia64) architectures
> > allows local users to cause a denial of service via a "missing
> > Itanium syscall table entry."
> >
> > On investigation I found that
> >
> > 2.4.27 is vulnerable to this. 2.6.8 and 2.6.11 are not.
> > The bug has been fixed upstream for both 2.4 and 2.6 and
> > I have put a this patch into SVN for 2.4.27
>
> Actually, this fix is already in kernel-patch-2.4.27-ia64 (2.4.27-3).
> It was included when I resync'd with upstream; I didn't include a
> reference in the changelog because I was unsure if the CAN ID was public
> yet.
>
> kernel-patch-2.4.27-ia64 has already made its way into sarge, and:
>
> <vorlon> anyway, yeah, 2.4 kernels are also being synced up; I've already approved 2.4.27-8 in for ia64
>
> 2.4.27-8 was built against -3, so it sounds like this fix should already
> be going in.
Testing a build against 2.4.27-10, I noticed that both patches will
apply. Since they both add a syscall slot, we silently get one extra
syscall slot :/ I'm unsure how severe of a problem this is - but I fear
it may introduce a DoS vector of its own.
I think the best solution at this point is to build a
kernel-patch-2.4.27-ia64 (2.4.27-4) that reverts this change and prepare
a kernel-image along with it, therefore requiring no changes to
kernel-source-2.4.27. What do you think?
Release Team: If I get these 2 builds into sid can we move these into
sarge with the other kernel updates?
Reply to: