Bug#302352: kernel-source-2.6.8: possible local DoS in AIO on PPC64 and IA64 (CAN-2005-0916)

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#302352: kernel-source-2.6.8: possible local DoS in AIO on PPC64 and IA64 (CAN-2005-0916)
From: Stefan Fritsch <sf@sfritsch.de>
Date: Thu, 31 Mar 2005 13:58:11 +0200
Message-id: <[🔎] E1DGyJP-0003zs-Eh@k.local>
Reply-to: Stefan Fritsch <sf@sfritsch.de>, 302352@bugs.debian.org

Package: kernel-source-2.6.8
Version: 2.6.8-15
Severity: critical
Tags: security


CAN-2005-0916 reads:
AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with
CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of
service (system panic) via a process that executes the io_queue_init
function but exits without running io_queue_release, which causes
exit_aio and is_hugepage_only_range to fail.

The vulnerable code is also in 2.6.8 but not in 2.4.27.

Please mention the CAN number in the changelog.

See also:
http://groups-beta.google.com/group/linux.kernel/browse_thread/thread/13b43bd5783842f6/7ce3c5a514a497ab?q=io_queue_init&rnum=3#7ce3c5a514a497ab
http://linux.bkbits.net:8080/linux-2.6/cset%404248c8c0es30_4YVdwa6vteKi7h_nw

Reply to:

Prev by Date: Bug#270376: PCMCIA Nic stops working after upgrading to 2.6.6/7/8
Next by Date: Processed: Re: Bug#302317: module-assistant: failed to build ipw2100-source with gcc-version.sh: No such file or directory
Previous by thread: Processed: [horms@debian.org: Re: Bug#301936: Duplicate bug]
Next by thread: Bug#302375: kernel-source-2.6.8: fails to compile; undefined reference to `acpi_processor_register_performance'
Index(es):
- Date
- Thread