blob: 105ad3f8fad37ef90d5cdf2534e74f614b1a4d66 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
Candidate: CVE-2006-0558
References:
MLIST:[linux-ia64] [PATCH 1/1] ia64: perfmon.c trips BUG_ON in put_page_testzero
URL:http://marc.theaimsgroup.com/?l=linux-ia64&m=113882384921688
CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=185082
BID:17482
URL:http://www.securityfocus.com/bid/17482
Description:
perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users
to cause a denial of service (crash) by interrupting a task while another
process is accessing the mm_struct, which triggers a BUG_ON action in the
put_page_testzero function.proc
Notes:
dannf> This issue is unreproducible in 2.6.16, according to:
dannf> http://marc.theaimsgroup.com/?l=linux-ia64&m=114530938403347&w=2
dannf> So, I'm marking upstream as 2.6.16
.
dannf> I have a reproducer from SGI. It causes 2.6.8 to oops, but needs to
dannf> be ported to the 2.4 perfmon API to test 2.4.27
Bugs: 365375
upstream: released (2.6.16)
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge3) [perfmon-exit-race.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge6) "need porting help"
2.6.18-etch-security: N/A
|