[kernel] r4902 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Fri Nov 25 14:24:44 UTC 2005
Author: jmm-guest
Date: Fri Nov 25 14:24:43 2005
New Revision: 4902
Added:
patch-tracking/CVE-2004-2536
Log:
needs to be checked wrt 2.4
Added: patch-tracking/CVE-2004-2536
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2004-2536 Fri Nov 25 14:24:43 2005
@@ -0,0 +1,25 @@
+Candidate: CVE-2004-2536
+References:
+ http://www.ussg.iu.edu/hypermail/linux/kernel/0405.0/1242.html
+ http://www.ussg.iu.edu/hypermail/linux/kernel/0405.0/1265.html
+ http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.6
+Description:
+ The exit_thread function (process.c) in Linux kernel 2.6 through
+ 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a
+ process obtains IO access permissions from the ioperm function but
+ does not drop those permissions when it exits, which allows other
+ processes to access the per-TSS pointers, access restricted memory
+ locations, and possibly gain privileges.
+Notes:
+Bugs:
+upstream: released (2.6.6)
+2.6.14: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security:
+2.6.8: N/A
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
More information about the Kernel-svn-changes
mailing list