blob: fab0fac1cfa6d0b1457350e93ee21ada846377a4 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
Candidate: CVE-2004-1057
References:
MISC:http://www.kernel.org/pub/linux/kernel/people/andrea/kernels/v2.4/2.4.23aa3/00_VM_IO-4
REDHAT:RHSA-2005:016
URL:http://www.redhat.com/support/errata/RHSA-2005-016.html
CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137821
XF:linux-kernel-vmio-dos(19275)
URL:http://xforce.iss.net/xforce/xfdb/19275
Description:
Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark
memory with the VM_IO flag, which causes incorrect reference counts and may
lead to a denial of service (kernel panic) when accessing freed kernel pages.
Notes:
dannf> I see the PageReserved() check in the 2.6 code, going back to 2.4.0
dannf> so I'll mark 2.6 N/A
Bugs:
upstream:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-10) [165_VM_IO.diff]
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa:
|