Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs
Package: kernel-source-2.6.8
Version: 2.6.8-16
Severity: important
Tags: security
Ubuntu reported a DoS in the tmpfs driver:
| A Denial of Service vulnerability was found in the tmpfs driver, which
| is commonly used to mount RAM disks below /dev/shm and /tmp. The
| shm_nopage() did not properly verify its address argument, which could
| be exploited by a local user to cause a kernel crash with invalid
| addresses.
Patch is available at:
http://linux.bkbits.net:8080/linux-2.6/cset@420551fbRlv9-QG6Gw9Lw_bKVfPSsg
I couldn't find a CVE assignment for this.
Cheers,
Moritz
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)
Versions of packages kernel-source-2.6.8 depends on:
ii binutils 2.15-5 The GNU assembler, linker and bina
ii bzip2 1.0.2-5 high-quality block-sorting file co
ii coreutils [fileutils] 5.2.1-2 The GNU core utilities
Reply to: