| 1 |
Candidate: CVE-2005-4605
|
| 2 |
References:
|
| 3 |
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8b90db0df7187a01fb7177f1f812123138f562cf
|
| 4 |
http://marc.theaimsgroup.com/?l=full-disclosure&m=113535380422339&w=2
|
| 5 |
http://linux.bkbits.net:8080/linux-2.6/gnupatch@43b562ae6hJGLWZA4TNf2k-RzXnVlQ
|
| 6 |
Description:
|
| 7 |
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions
|
| 8 |
before 2.6.15 allows attackers to read sensitive kernel memory via
|
| 9 |
unspecified vectors in which a signed value is added to an unsigned
|
| 10 |
value.
|
| 11 |
Notes:
|
| 12 |
jmm> 2.4 not affected as proc_file_lseek() contains a check for this
|
| 13 |
jmm> if (offset>=0 && (unsigned long long)offset<=file->f_dentry->d_inode->i_sb->s_maxbytes) {
|
| 14 |
jmm> Discovered by Karl Janmar
|
| 15 |
Bugs:
|
| 16 |
upstream: released (2.6.15), released (2.6.14.6)
|
| 17 |
linux-2.6: released (2.6.15-1)
|
| 18 |
2.6.8-sarge-security: released (2.6.8-16sarge2) [proc-legacy-loff-underflow.dpatch]
|
| 19 |
2.4.27-sarge-security: N/A
|
| 20 |
2.4.19-woody-security: N/A
|
| 21 |
2.4.18-woody-security: N/A
|
| 22 |
2.4.17-woody-security: N/A
|
| 23 |
2.4.16-woody-security: N/A
|
| 24 |
2.4.17-woody-security-hppa: N/A
|
| 25 |
2.4.17-woody-security-ia64: N/A
|
Parent Directory
| 
Revision Log