On Mon, 2005-05-30 at 00:22 -0600, dann frazier wrote:
> On Wed, 2005-05-11 at 18:30 +0900, Horms wrote:
> > Package: kernel-source-2.4.27
> > Version: 2.4.27-10
> > Severity: important
> > Tags: patch, security, pending
> >
> >
> > I got this from Moritz Muehlenhoff <[EMAIL PROTECTED]>:
> >
> > http://www.redhat.com/support/errata/RHSA-2005-284.html This is
> > CAN-2005-0137 : Linux kernel 2.6 on Itanium (ia64) architectures
> > allows local users to cause a denial of service via a "missing
> > Itanium syscall table entry."
> >
> > On investigation I found that
> >
> > 2.4.27 is vulnerable to this. 2.6.8 and 2.6.11 are not.
> > The bug has been fixed upstream for both 2.4 and 2.6 and
> > I have put this patch into SVN for 2.4.27
>
> Actually, this fix is already in kernel-patch-2.4.27-ia64 (2.4.27-3).
> It was included when I resync'd with upstream; I didn't include a
> reference in the changelog because I was unsure if the CAN ID was public
> yet.
>
> kernel-patch-2.4.27-ia64 has already made its way into sarge, and:
>
> <vorlon> anyway, yeah, 2.4 kernels are also being synced up; I've already
> approved 2.4.27-8 in for ia64
>
> 2.4.27-8 was built against -3, so it sounds like this fix should already
> be going in.

Testing a build against 2.4.27-10, I noticed that both patches will apply.
Since they both add a syscall slot, we silently get one extra syscall
slot :/

I'm unsure how severe of a problem this is - but I fear it may introduce
a DoS vector of its own.

I think the best solution at this point is to build a
kernel-patch-2.4.27-ia64 (2.4.27-4) that reverts this change and prepare
a kernel-image along with it, therefore requiring no changes to
kernel-source-2.4.27. What do you think?

Release Team: If I get these 2 builds into sid can we move these into
sarge with the other kernel updates?

