Bug#323363: CAN-2005-2553: DoS in find_target() of ptrace32.c

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#323363: CAN-2005-2553: DoS in find_target() of ptrace32.c
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Tue, 16 Aug 2005 11:29:18 +0200
Message-id: <[🔎] E1E4xl0-0001yn-EU@localhost.localdomain>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 323363@bugs.debian.org

Package: kernel-source-2.4.27
Severity: important
Tags: security patch

CAN-2005-2553 describes the following DoS vulnerability:

> The find_target function in ptrace32.c in the Linux kernel 2.4.x
> before 2.4.29 does not properly handle a NULL return value from
> another function, which allows local users to cause a denial of service
> (kernel crash/oops) by running a 32-bit ltrace program with the
> -i option on a 64-bit executable program.                                                                                    

More information/patch:

http://lkml.org/lkml/2005/1/5/245
http://linux.bkbits.net:8080/linux-2.4/cset@41dd3455GwQPufrGvBJjcUOXQa3WXA
        
Cheers,
        Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)

Reply to:

Follow-Ups:
- Bug#323363: CAN-2005-2553: DoS in find_target() of ptrace32.c
  - From: Horms <horms@debian.org>

Prev by Date: [PATCH] Bogus code in parsing of iocharset in isofs
Next by Date: Re: Moving forward with the 2.4.27 and 2.6.8 kernels
Previous by thread: Re: Moving forward with the 2.4.27 and 2.6.8 kernels
Next by thread: Bug#323363: CAN-2005-2553: DoS in find_target() of ptrace32.c
Index(es):
- Date
- Thread