List:       oss-security
Subject:    Re: [oss-security] CVE request - Linux Kernel KGDB/ppc issue
From:       Eugene Teo <eugene () redhat ! com>
Date:       2010-04-30 0:44:55
Message-ID: 4BDA2807.3000703 () redhat ! com

On 04/29/2010 10:13 AM, Hui Zhu wrote:
> Hi All,
>
> The problem is that if KGDB is enabled on a powerpc board, a
> test that checks if a page is user or kernel is bypassed.
> This means that a user can write to arbitrary kernel address space.
>
> Upon further investigation, we found that kernels older than
> the v2.6.30-rc1 release have the same problem for non-booke
> ppc chips (74xx, 8641D), so we need two patches for kernels
> up to that date, and then one patch for ones after that date.

http://www.mail-archive.com/linuxppc-dev@lists.ozlabs.org/msg30044.html
Sun, 01 Mar 2009 22:25:03 -0800

"Note: While at it, I removed a non-sensical statement related to 
CONFIG_KGDB in ppc_mmu_32.c which could cause kernel mappings to be user 
accessible when that option is enabled. Probably something that bitrot."

Eugene