Date: Fri, 10 Dec 2010 15:34:52 -0500 (EST) From: Petr Matousek <pmatouse@...hat.com> To: oss-security@...ts.openwall.com Cc: coley@...us.mitre.org Subject: Subject: CVE request: kernel: install_special_mapping skips security_file_mmap check "The install_special_mapping routine (used, for example, to setup the vdso) skips the security check before insert_vm_struct, allowing a local attacker to bypass the mmap_min_addr security restriction by limiting the available pages for special mappings." Credit: Tavis Ormandi Reference: https://lkml.org/lkml/2010/12/9/222 https://bugzilla.redhat.com/show_bug.cgi?id=662189 Thanks, -- Petr Matousek / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ