Bug#332569: kernel-source-2.4.27: [CAN-2005-3105] [IA64] Montecito CPU local DoS
Package: kernel-source-2.4.27
Version: 2.4.27-11
Severity: important
Tags: patch security
It appears that 2.4.27 is vulnerable to CAN-2005-3105,
which has long been fixed in Debian's 2.6
Dann, can you take a look into this?
CAN stuff is below for reference, though the patch came from
you in the first place.
andidate: CAN-2005-3105
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3105
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20050930
Category: SF
Reference:
MISC:http://www.intel.com/cd/ids/developer/asmo-na/eng/215766.htm
Reference:
MISC:http://cache-www.intel.com/cd/00/00/21/57/215792_215792.pdf
Reference:
CONFIRM:http://linux.bkbits.net:8080/linux-2.6/cset@4248d4019z8HvgrPAji51TKrWiV2uw?nav=index.html|src/|src/mm|related/mm/mprotect.c
The mrpotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito
processors does not properly maintain cache coherency as required by
the architecture, which allows local users to cause a denial of
service and possibly corrupt data by modifying PTE protections.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-686-smp
Locale: LANG=ja_JP.eucJP, LC_CTYPE=ja_JP.eucJP (charmap=EUC-JP) (ignored: LC_ALL set to ja_JP.eucJP)
Versions of packages kernel-source-2.4.27 depends on:
ii binutils 2.16.1cvs20050902-1 The GNU assembler, linker and bina
ii bzip2 1.0.2-10 high-quality block-sorting file co
ii coreutils [fileutils 5.2.1-2.1 The GNU core utilities
ii fileutils 5.2.1-2.1 The GNU file management utilities
Versions of packages kernel-source-2.4.27 recommends:
ii gcc-3.3 1:3.3.6-10 The GNU C compiler
ii libc6-dev [libc-dev] 2.3.5-6 GNU C Library: Development Librari
ii make 3.80-11 The GNU version of the "make" util
-- no debconf information
Reply to: