[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: another kernel vulnerability

On Monday, 05 January 2004, at 17:21:52 +0100,
Teófilo Ruiz Suárez wrote:

> What about 2.6? Is it fixed anyhow?
> 
It seems to be fixed in 2.6.1-rc2, as Linus said. But the fix seems to
be temporary while kernel gurus and the people in charge of libc agree
on a better solution.
http://marc.theaimsgroup.com/?l=linux-kernel&m=107332772321771&w=2

>From patch-2.6.1-rc2.bz2:
diff -Nru a/mm/mremap.c b/mm/mremap.c
--- a/mm/mremap.c       Mon Jan  5 22:49:37 2004
+++ b/mm/mremap.c       Mon Jan  5 22:49:37 2004
@@ -315,6 +315,10 @@
        old_len = PAGE_ALIGN(old_len);
        new_len = PAGE_ALIGN(new_len);

+       /* Don't allow the degenerate cases */
+       if (!(old_len | new_len))
+               goto out;
+
        /* new_addr is only valid if MREMAP_FIXED is specified */
        if (flags & MREMAP_FIXED) {
                if (new_addr & ~PAGE_MASK)


Greetings.

-- 
Jose Luis Domingo Lopez
Linux Registered User #189436     Debian Linux Sid (Linux 2.6.1-rc1)
Reply to: