Bug#532722: linux-2.6: CVE-2009-1914 local dos in /proc/iomem on sparc

To: Michael S Gilbert <michael.s.gilbert@gmail.com>
Cc: 532722@bugs.debian.org
Subject: Bug#532722: linux-2.6: CVE-2009-1914 local dos in /proc/iomem on sparc
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 23 Jul 2009 19:41:42 +0200
Message-id: <[🔎] 20090723174142.GF29985@inutil.org>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 532722@bugs.debian.org
In-reply-to: <8e2a98be0906101547j3a370c1w5205c3a691d12277@mail.gmail.com>
References: <8e2a98be0906101547j3a370c1w5205c3a691d12277@mail.gmail.com>

Version: 2.6.29-1

On Wed, Jun 10, 2009 at 06:47:33PM -0400, Michael S Gilbert wrote:
> Package: linux-2.6
> Version: FILLINAFFECTEDVERSION
> Severity: important
> Tags: security , patch
> 
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for linux-2.6.
> 
> CVE-2009-1914[0]:
> | The pci_register_iommu_region function in
> | arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on
> | the sparc64 platform allows local users to cause a denial of service
> | (system crash) by reading the /proc/iomem file, related to
> | uninitialized pointers and the request_resource function.
> 
> If you fix the vulnerability please also make sure to include the
> CVE id in your changelog entry.

Fixed in 2.6.29.

Cheers,
        Moritz

Reply to:

Prev by Date: Bug#502452: kernel: UDF written file corrupted by zeros
Next by Date: Bug#504502: btrfs-source - BUG during bonnie
Previous by thread: Bug#502452: kernel: UDF written file corrupted by zeros
Next by thread: Bug#504502: btrfs-source - BUG during bonnie
Index(es):
- Date
- Thread