| 1 |
Candidate: CVE-2006-5649
|
| 2 |
References:
|
| 3 |
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4393c4f6788cee65095dd838cfeca6edefbfeb52
|
| 4 |
Description:
|
| 5 |
The alignment exception used to only check the exception table for
|
| 6 |
-EFAULT, not for other errors. That opens an oops window if we can
|
| 7 |
coerce the kernel into getting an alignment exception for other
|
| 8 |
reasons in what would normally be a user-protected accessor, which
|
| 9 |
can be done via some of the futex ops. This fixes it by always
|
| 10 |
checking the exception tables.
|
| 11 |
Ubuntu-Description:
|
| 12 |
Fabio Massimo Di Nitto discovered a flaw in the alignment check
|
| 13 |
exception handling on the powerpc platform. A local attacker could
|
| 14 |
exploit this to cause a kernel panic and crash the machine.
|
| 15 |
Notes:
|
| 16 |
http://ozlabs.org/pipermail/linuxppc-dev/2006-October/027338.html
|
| 17 |
Bugs:
|
| 18 |
upstream: released (2.6.19-rc5), released (2.6.18.3)
|
| 19 |
linux-2.6: released (2.6.18-4)
|
| 20 |
2.6.8-sarge-security: released (2.6.8-16sarge6) [ppc-alignment-exception-table-check.dpatch]
|
| 21 |
2.4.27-sarge-security: released (2.4.27-10sarge5) [235_ppc-alignment-exception-table-check.diff]
|
| 22 |
2.6.12-breezy-security: released (2.6.12-10.41)
|
| 23 |
2.6.15-dapper-security: released (2.6.15-27.49)
|
| 24 |
2.6.17-edgy-security: released (2.6.17.1-10.34)
|
Parent Directory
| 
Revision Log