Bug#300163: [CAN-2004-1191]: Race condition could allow local users to read unauthorized memory from "foreign memory pages."
On Thu, Mar 17, 2005 at 10:42:28PM -0600, Micah Anderson wrote:
> Package: kernel-source-2.6.8
> Version: 2.6.8-14
> Severity: normal
> Tags: security patch
>
> CAN-2004-1191 reads:
>
> Race condition ... when run on SMP systems that have more than 4GB of
> memory, could allow local users to read unauthorized memory from
> "foreign memory pages." Apparantly it also allows remote attackers to
> obtain sensitive information, caused by a vulnerability in the
> smb_recv_trans2 function, could also send a specially-crafted TRANS2
> SMB packet to cause a kernel memory leak.
FYI, this problem (or one that looks a lot like it) is also
present in 2.4.27 and I plan to include the following fixes
in kernel-source-2.4.27-9
http://linux.bkbits.net:8080/linux-2.4/cset@418e1b09MoAGAjd5ZLQzkiFiOkEfUw
http://linux.bkbits.net:8080/linux-2.4/cset@4194c993lBH6Oz19XYGdw8VtR9Du-g
--
Horms
Reply to: