Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 16 Sep 2010 13:33:13 +0800
From: Eugene Teo <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow

Reported by Ben Hawkes. "A vulnerability in the 32-bit compatibility 
layer for 64-bit systems was reported. It is caused by insecure 
allocation of user space memory when translating system call inputs to 
64-bit. A stack pointer underflow can occur when using the 
"compat_alloc_user_space" method with an arbitrary length input."

Reference:
http://sota.gen.nz/compat1/
https://bugzilla.redhat.com/CVE-2010-3081

Upstream commit:
http://git.kernel.org/linus/c41d68a513c71e35a14f66d71782d27a79a81ea6

Thanks, Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.