Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 2 Jun 2014 19:23:19 -0400 (EDT)
From: cve-assign@...re.org
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE-2014-3940 - Linux kernel - missing check during hugepage migration

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The scope of CVE-2014-3940 is the https://lkml.org/lkml/2014/3/18/784
post, i.e., "[PATCH RESEND -mm 1/2] mm: add !pte_present() check on
existing hugetlb_entry callbacks" on 18 March.

Two notes about this:

  - Applying the https://lkml.org/lkml/2014/3/18/784 patch to, for
    example, the 3.14.5 release would involve changing the
    queue_pages_hugetlb_pmd_range function instead of the
    queue_pages_hugetlb function.

  - The scope of CVE-2014-3940 does not include the related "2/2"
    message in the https://lkml.org/lkml/2014/3/18/769 post. The issue
    there is not fully investigated, and may be a bug that doesn't
    affect any stable kernel release.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTjQX5AAoJEKllVAevmvmsf/IH/R/0yPoIowUFpeCJ1kQiPojD
KexPi5c8hne6z2jfmHARzjmBQS7IvHn/FcrBONF7WIcDnFZq4CgVHhIcGuJjiOI2
uQKXx6JUX6bHahGMdNs2ow2SQzCLy1xj0FcHQBAg/RZVk4jBAQIWkvbkeE52tWaK
IpICuE3Sderg7rtucHqpbMjlD76rr/PqiANYT2xgip7ZnpKvoicrXBy2SV3WhD3G
qOK6Qrb+aPC+qsU3OIjp7JsRf7IuHaQ10yfn+oZJeEoayf+ka7rzsVy6QpKVkiuK
FLw31hMlS7ZPxHrpZX6xaQ1rr7mQY1qk/KY+zUv2uod9GPx7foljWNQNAMdeDKU=
=D5Cw
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ