Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs
tag 303177 +pending
thanks
On Tue, Apr 05, 2005 at 11:03:23AM +0200, Moritz Muehlenhoff wrote:
> Package: kernel-source-2.6.8
> Version: 2.6.8-16
> Severity: important
> Tags: security
>
> Ubuntu reported a DoS in the tmpfs driver:
> | A Denial of Service vulnerability was found in the tmpfs driver, which
> | is commonly used to mount RAM disks below /dev/shm and /tmp. The
> | shm_nopage() did not properly verify its address argument, which could
> | be exploited by a local user to cause a kernel crash with invalid
> | addresses.
>
> Patch is available at:
> http://linux.bkbits.net:8080/linux-2.6/cset@420551fbRlv9-QG6Gw9Lw_bKVfPSsg
Thanks, it is in SVN.
> I couldn't find a CVE assignment for this.
Me neither.
--
Horms
Reply to: