Re: {2.6.22.y} CVE-2007-6434

From: Chris Wright
Date: Mon Feb 04 2008 - 16:35:04 EST

Next message: Oliver Pinter: "Re: {2.6.22.y} CVE-2007-6434"
Previous message: Oliver Pinter: "Re: [Wireless, ath5k] 2.6.24-git13 9135f1901ee6449dfe338adf6e40e9c2025b8150"
In reply to: Greg KH: "Re: {2.6.22.y} CVE-2007-6434"
Next in thread: Oliver Pinter: "Re: {2.6.22.y} CVE-2007-6434"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Oliver Pinter (oliver.pntr@xxxxxxxxx) wrote:
> mainline: ecaf18c15aac8bb9bed7b7aa0e382fe252e275d5
>
> --->8---
> commit ecaf18c15aac8bb9bed7b7aa0e382fe252e275d5
> Author: Eric Paris <eparis@xxxxxxxxxx>
> Date: Tue Dec 4 23:45:31 2007 -0800
>
> VM/Security: add security hook to do_brk
>
> Given a specifically crafted binary do_brk() can be used to get low pages
> available in userspace virtual memory and can thus be used to circumvent
> the mmap_min_addr low memory protection. Add security checks in do_brk().

All of the low mmap addr stuff isn't added until 2.6.23.

thanks,
-chris
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Oliver Pinter: "Re: {2.6.22.y} CVE-2007-6434"
Previous message: Oliver Pinter: "Re: [Wireless, ath5k] 2.6.24-git13 9135f1901ee6449dfe338adf6e40e9c2025b8150"
In reply to: Greg KH: "Re: {2.6.22.y} CVE-2007-6434"
Next in thread: Oliver Pinter: "Re: {2.6.22.y} CVE-2007-6434"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]