CVE-2008-2137

Priority
Low
Description
The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the
(2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the
Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some
virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not
set, which allows local users to cause a denial of service (panic) via
unspecified mmap calls.
Ubuntu-Description
David Miller and Jan Lieskovsky discovered that the Sparc kernel did
not correctly range-check memory regions allocated with mmap. A local
attacker could exploit this to crash the system, leading to a denial
of service.
References
Assigned-to
kees
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.24-19.36)
Patches:
Upstream:5816339310b2d9623cf413d33e538b45e815da5d
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:48 UTC (commit 5347)