[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#300163: [CAN-2004-1191]: Race condition could allow local users to read unauthorized memory from "foreign memory pages."

On Wed, Mar 23, 2005 at 04:56:19PM +0900, Horms wrote:
> On Thu, Mar 17, 2005 at 10:42:28PM -0600, Micah Anderson wrote:
> > Package: kernel-source-2.6.8
> > Version: 2.6.8-14
> > Severity: normal
> > Tags: security patch
> > 
> > CAN-2004-1191 reads:
> > 
> > Race condition ... when run on SMP systems that have more than 4GB of
> > memory, could allow local users to read unauthorized memory from
> > "foreign memory pages." Apparantly it also allows remote attackers to
> > obtain sensitive information, caused by a vulnerability in the
> > smb_recv_trans2 function, could also send a specially-crafted TRANS2
> > SMB packet to cause a kernel memory leak.
> 
> FYI, this problem (or one that looks a lot like it) is also 
> present in 2.4.27 and I plan to include the following fixes
> in kernel-source-2.4.27-9
> 
> http://linux.bkbits.net:8080/linux-2.4/cset@418e1b09MoAGAjd5ZLQzkiFiOkEfUw
> http://linux.bkbits.net:8080/linux-2.4/cset@4194c993lBH6Oz19XYGdw8VtR9Du-g

Correction, these changes were included in kernel-source-2.4.27-6.

-- 
Horms
Reply to: