Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Tue, 05 Apr 2005 11:03:23 +0200
Message-id: <[🔎] E1DIjxz-0001nx-QG@localhost.localdomain>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 303177@bugs.debian.org

Package: kernel-source-2.6.8
Version: 2.6.8-16
Severity: important
Tags: security

Ubuntu reported a DoS in the tmpfs driver:
| A Denial of Service vulnerability was found in the tmpfs driver, which
| is commonly used to mount RAM disks below /dev/shm and /tmp. The
| shm_nopage() did not properly verify its address argument, which could
| be exploited by a local user to cause a kernel crash with invalid
| addresses.

Patch is available at:
http://linux.bkbits.net:8080/linux-2.6/cset@420551fbRlv9-QG6Gw9Lw_bKVfPSsg

I couldn't find a CVE assignment for this. 

Cheers,
        Moritz

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)

Versions of packages kernel-source-2.6.8 depends on:
ii  binutils                      2.15-5     The GNU assembler, linker and bina
ii  bzip2                         1.0.2-5    high-quality block-sorting file co
ii  coreutils [fileutils]         5.2.1-2    The GNU core utilities

Reply to:

Follow-Ups:
- Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs
  - From: Horms <horms@debian.org>

Prev by Date: Re: non-free firmware in kernel modules, aggregation and unclear copyright notice.
Next by Date: Re: non-free firmware in kernel modules, aggregation and unclear copyright notice.
Previous by thread: Bug#294203: Kernel Oops with capiinit, complete hang with capidrv module loading
Next by thread: Bug#303177: kernel-source-2.6.8: DoS vulnerability in tmpfs
Index(es):
- Date
- Thread