[kernel-sec-discuss] r1626 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Dec 2 21:14:39 UTC 2009


Author: jmm
Date: 2009-12-02 21:14:39 +0000 (Wed, 02 Dec 2009)
New Revision: 1626

Added:
   retired/CVE-2009-3888
Removed:
   active/CVE-2009-3888
Log:
retire issue


Deleted: active/CVE-2009-3888
===================================================================
--- active/CVE-2009-3888	2009-12-02 15:15:54 UTC (rev 1625)
+++ active/CVE-2009-3888	2009-12-02 21:14:39 UTC (rev 1626)
@@ -1,25 +0,0 @@
-Candidate: CVE-2009-3888
-Description:
- Don't pass NULL pointers to fput() in the error handling paths of the
- NOMMU do_mmap_pgoff() as it can't handle it.
- .
- The following can be used as a test program:
- int main() { static long long a[1024 * 1024 * 20] = { 0 }; return a;}
- .
- Without the patch, the code oopses in atomic_long_dec_and_test() as
- called by fput() after the kernel complains that it can't allocate
- that big a chunk of memory.  With the patch, the kernel just complains 
- about the allocation size and then the program segfaults during execve() 
- as execve() can't complete the allocation of all the new ELF program 
- segments.
-References:
- http://www.openwall.com/lists/oss-security/2009/11/09/2
- http://xorl.wordpress.com/2009/11/05/linux-kernel-nommu-fput-null-pointer-dereference/
-Notes:
-Bugs:
-upstream: released (2.6.32-rc6) [89a8640279f8bb78aaf778d1fc5c4a6778f18064]
-2.6.31-upstream-stable: released (2.6.31.6)
-linux-2.6: released (2.6.31-2) [bugfix/all/stable/2.6.31.6.patch]
-2.6.18-etch-security: ignored "needs port, only affects system w/o an mmu"
-2.6.24-etch-security: ignored "needs port, only affects system w/o an mmu"
-2.6.26-lenny-security: ignored "needs port, only affects system w/o an mmu"

Copied: retired/CVE-2009-3888 (from rev 1618, active/CVE-2009-3888)
===================================================================
--- retired/CVE-2009-3888	                        (rev 0)
+++ retired/CVE-2009-3888	2009-12-02 21:14:39 UTC (rev 1626)
@@ -0,0 +1,25 @@
+Candidate: CVE-2009-3888
+Description:
+ Don't pass NULL pointers to fput() in the error handling paths of the
+ NOMMU do_mmap_pgoff() as it can't handle it.
+ .
+ The following can be used as a test program:
+ int main() { static long long a[1024 * 1024 * 20] = { 0 }; return a;}
+ .
+ Without the patch, the code oopses in atomic_long_dec_and_test() as
+ called by fput() after the kernel complains that it can't allocate
+ that big a chunk of memory.  With the patch, the kernel just complains 
+ about the allocation size and then the program segfaults during execve() 
+ as execve() can't complete the allocation of all the new ELF program 
+ segments.
+References:
+ http://www.openwall.com/lists/oss-security/2009/11/09/2
+ http://xorl.wordpress.com/2009/11/05/linux-kernel-nommu-fput-null-pointer-dereference/
+Notes:
+Bugs:
+upstream: released (2.6.32-rc6) [89a8640279f8bb78aaf778d1fc5c4a6778f18064]
+2.6.31-upstream-stable: released (2.6.31.6)
+linux-2.6: released (2.6.31-2) [bugfix/all/stable/2.6.31.6.patch]
+2.6.18-etch-security: ignored "needs port, only affects system w/o an mmu"
+2.6.24-etch-security: ignored "needs port, only affects system w/o an mmu"
+2.6.26-lenny-security: ignored "needs port, only affects system w/o an mmu"




More information about the kernel-sec-discuss mailing list