[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#300163: [CAN-2004-1191]: Race condition could allow local users to read unauthorized memory from "foreign memory pages."



On Thu, Mar 17, 2005 at 10:42:28PM -0600, Micah Anderson wrote:
> Package: kernel-source-2.6.8
> Version: 2.6.8-14
> Severity: normal
> Tags: security patch
> 
> CAN-2004-1191 reads:
> 
> Race condition ... when run on SMP systems that have more than 4GB of
> memory, could allow local users to read unauthorized memory from
> "foreign memory pages." Apparantly it also allows remote attackers to
> obtain sensitive information, caused by a vulnerability in the
> smb_recv_trans2 function, could also send a specially-crafted TRANS2
> SMB packet to cause a kernel memory leak.

FYI, this problem (or one that looks a lot like it) is also 
present in 2.4.27 and I plan to include the following fixes
in kernel-source-2.4.27-9

http://linux.bkbits.net:8080/linux-2.4/cset@418e1b09MoAGAjd5ZLQzkiFiOkEfUw
http://linux.bkbits.net:8080/linux-2.4/cset@4194c993lBH6Oz19XYGdw8VtR9Du-g

-- 
Horms



Reply to: