Bug#303498: CAN-2005-0749: Elf Binary Loading Local DoS

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#303498: CAN-2005-0749: Elf Binary Loading Local DoS
From: "Geoff Crompton" <geoffc@strategicdata.com.au>
Date: Thu, 07 Apr 2005 12:50:47 +1000
Message-id: <[🔎] 20050407025048.48C11C000D48@sd01.mel.strategicdata.com.au>
Reply-to: "Geoff Crompton" <geoffc@strategicdata.com.au>, 303498@bugs.debian.org

Package: kernel-source-2.6.8
Version: 2.6.8-15
Severity: important

SecurityFocus http://www.securityfocus.com/bid/12935/discussion/ has the
following:
> It is reported that issue exists in the 'load_elf_library' function.
> Linux Kernel 2.6.11.5 and prior versions are affected by this issue.

Ubuntu mentions this issue as part of USN-103-1, and it's fixed in 2.6.11.6

The patch from 2.6.11.5 to 2.6.11.6 for the load_elf_library is here:
http://www.kernel.org/diff/diffview.cgi?file=%2Fpub%2Flinux%2Fkernel%2Fv2.6%2Fincr%2Fpatch-2.6.11.5-6.bz2;z=2

The changelog for that change says in relation:
>From: Herbert Xu <herbert@gondor.apana.org.au>
>Yichen Xie <yxie@cs.stanford.edu> points out that
>load_elf_library can modify `elf_phdata' before freeing it.

I'm not enough of a programmer to prepare a diff for the 2.6.8 source.

Reply to:

Prev by Date: Bug#303500: CAN-2005-0400: EXT2 File System Information Leak Vulnerability
Next by Date: Bug#303501: CAN-2005-0750: Bluetooth root exploit due to boundary checking
Previous by thread: Bug#303500: CAN-2005-0400: EXT2 File System Information Leak Vulnerability
Next by thread: Bug#303501: CAN-2005-0750: Bluetooth root exploit due to boundary checking
Index(es):
- Date
- Thread