Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs

To: Moritz Muehlenhoff <jmm@inutil.org>, 303177@bugs.debian.org
Subject: Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs
From: Horms <horms@debian.org>
Date: Wed, 6 Apr 2005 12:50:00 +0900
Message-id: <[🔎] 20050406034958.GF17555@verge.net.au>
Reply-to: Horms <horms@debian.org>, 303177@bugs.debian.org
In-reply-to: <[🔎] E1DIjxz-0001nx-QG@localhost.localdomain>
References: <[🔎] E1DIjxz-0001nx-QG@localhost.localdomain>

tag 303177 +pending
thanks

On Tue, Apr 05, 2005 at 11:03:23AM +0200, Moritz Muehlenhoff wrote:
> Package: kernel-source-2.6.8
> Version: 2.6.8-16
> Severity: important
> Tags: security
> 
> Ubuntu reported a DoS in the tmpfs driver:
> | A Denial of Service vulnerability was found in the tmpfs driver, which
> | is commonly used to mount RAM disks below /dev/shm and /tmp. The
> | shm_nopage() did not properly verify its address argument, which could
> | be exploited by a local user to cause a kernel crash with invalid
> | addresses.
> 
> Patch is available at:
> http://linux.bkbits.net:8080/linux-2.6/cset@420551fbRlv9-QG6Gw9Lw_bKVfPSsg

Thanks, it is in SVN.

> I couldn't find a CVE assignment for this. 

Me neither.

-- 
Horms

Reply to:

References:
- Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Bug#234365: Bug unreproducible with kernel 2.6.10
Next by Date: Processed: missing cc
Previous by thread: Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs
Next by thread: Bug#303200: kernel-image-2.6.10-1-686: kernel BUG at fs/reiserfs/file.c:534!
Index(es):
- Date
- Thread