Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 17 Mar 2010 09:01:19 +0800
From: Eugene Teo <>
Subject: CVE-2009-4271 kernel: 32bit process on 64bit system DoS

STMicroelectronics reported a flaw in the Linux kernel, versions 2.6.9 
to 2.6.17, when running on x86_64, where a user could use a regular 
32bit process to trigger a kernel panic, without any special privileges. 
  The bug occurs when a 32bit user process triggers a segfault (i.e. 
de-reference a null-pointer) after having performed a mprotect() to 
restrict any rwx access on its VDSO page.

This only affects Red Hat Enterprise Linux 4.

Thanks, Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ