[kernel-sec-discuss] r1428 - active
Michael Gilbert
gilbert-guest at alioth.debian.org
Fri Jul 24 19:16:06 UTC 2009
Author: gilbert-guest
Date: 2009-07-24 19:16:02 +0000 (Fri, 24 Jul 2009)
New Revision: 1428
Added:
active/CVE-2009-2584
Log:
new issue
Copied: active/CVE-2009-2584 (from rev 1427, active/00boilerplate)
===================================================================
--- active/CVE-2009-2584 (rev 0)
+++ active/CVE-2009-2584 2009-07-24 19:16:02 UTC (rev 1428)
@@ -0,0 +1,23 @@
+Candidate: CVE-2009-2584
+Description:
+ Off-by-one error in the options_write function in
+ drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel
+ 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to
+ overwrite arbitrary memory locations and gain privileges via a crafted count
+ argument, which triggers a stack-based buffer overflow.
+References:
+ http://grsecurity.net/~spender/exploit_demo.c
+ http://lkml.org/lkml/2009/7/20/348
+ http://xorl.wordpress.com/2009/07/21/linux-kernel-sgi-gru-driver-off-by-one-overwrite
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
+2.6.15-dapper-security:
+2.6.22-gutsy-security:
+2.6.24-hardy-security:
+2.6.27-intrepid-security:
More information about the kernel-sec-discuss
mailing list