blob: c378c1a0d6c1195a8ddd7b3c3472006cd90d02b6 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Candidate: CVE-2007-4573
References:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=176df2457ef6207156ca1a40991c54ca01fef567
Description:
Ubuntu-Description:
Wojciech Purczynski discovered that the Linux kernel ia32 syscall
emulation in x86_64 kernels did not correctly clear the high bits of
registers. Local attackers could exploit this to gain root privileges.
Notes:
jmm> Fix in etch3 didn't fix the problem for Xen guests
Bugs:
upstream: released (2.6.22.7)
linux-2.6: released (2.6.22-5)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/amd64-zero-extend-32bit-ptrace.patch, bugfix/amd64-zero-extend-32bit-ptrace-xen.patch]
2.6.8-sarge-security: released (2.6.8-17sarge1) [amd64-zero-extend-32bit-ptrace.dpatch]
2.4.27-sarge-security: N/A
2.6.15-dapper-security: released (2.6.15-29.59)
2.6.17-edgy-security: released (2.6.17.1-12.41 bac7adb35e5a3630511249b4f1bbdaff3b574455)
2.6.20-feisty-security: released (2.6.20-16.32 1145a8797aa4994275922e9fde299e7bb115edf0)
|
