
Bug#300163: [CAN-2004-1191]: Race condition could allow local users to read unauthorized memory from "foreign memory pages."



tag 300163 +pending
thanks

On Thu, Mar 17, 2005 at 10:42:28PM -0600, Micah Anderson wrote:
> Package: kernel-source-2.6.8
> Version: 2.6.8-14
> Severity: normal
> Tags: security patch
> 
> CAN-2004-1191 reads:
> 
> Race condition ... when run on SMP systems that have more than 4GB of
> memory, could allow local users to read unauthorized memory from
> "foreign memory pages." Apparently it also allows remote attackers to
> obtain sensitive information, caused by a vulnerability in the
> smb_recv_trans2 function, could also send a specially-crafted TRANS2
> SMB packet to cause a kernel memory leak.
> 
> More information about this is here:
> http://www.novell.com/linux/security/advisories/2004_42_kernel.html
> http://xforce.iss.net/xforce/xfdb/18137
> 
> 2.6.8 needs both these patches:
> http://linux.bkbits.net:8080/linux-2.6/patch@1.1938.197.15?nav=cset@1.1938.197.15
> http://linux.bkbits.net:8080/linux-2.6/cset%4041e9a86bi4MvUzMJ8Ru62gdkFgHKtg
> 
> The second patch has been applied to Debian's kernel-source-2.6.8, but
> the first is also needed.

Thanks, it was included once upon a time, but was removed
as it was thought that the second patch replaced it,
rather than adding to the fix.

I have reinstated it in SVN and it should appear in
kernel-source-2.6.8-16

-- 
Horms


