[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2009-0024 kernel: local privilege escalation in sys_remap_file_pages
From:       "Eugene Teo" <eugeneteo () kernel ! sg>
Date:       2009-01-12 4:57:55
Message-ID: 28fa9c5e0901112057g539a6305ybb5eeaf561a117d9 () mail ! gmail ! com
[Download RAW message or body]

Nelson Elhage reported that it is possible for a local, unprivileged
user to cause a denial of service, or gain root privileges by abusing
a flaw in sys_remap_file_pages().

The bug was introduced by commit 3ee6dafc, and it was fixed in
8a459e44. This was also fixed in 2.6.24 -stable tree with 7e3c396b.

We have assigned CVE-2009-0024 to this issue.

Take note that this does not affect the latest kernels as shipped with
Red Hat Enterprise Linux 5, Red Hat Enterprise MRG, Fedora 8 to 10,
Ubuntu 8.04 (Hardy) (Thanks Kees), and Debian GNU/Linux (Thanks Dann).

Thanks, Eugene
[prev in list] [next in list] [prev in thread] [next in thread]