oss-sec mailing list archives
CVE-2009-0024 kernel: local privilege escalation in sys_remap_file_pages
From: "Eugene Teo" <eugeneteo () kernel sg>
Date: Mon, 12 Jan 2009 12:57:55 +0800
Nelson Elhage reported that it is possible for a local, unprivileged user to cause a denial of service, or gain root privileges by abusing a flaw in sys_remap_file_pages(). The bug was introduced by commit 3ee6dafc, and it was fixed in 8a459e44. This was also fixed in 2.6.24 -stable tree with 7e3c396b. We have assigned CVE-2009-0024 to this issue. Take note that this does not affect the latest kernels as shipped with Red Hat Enterprise Linux 5, Red Hat Enterprise MRG, Fedora 8 to 10, Ubuntu 8.04 (Hardy) (Thanks Kees), and Debian GNU/Linux (Thanks Dann). Thanks, Eugene
Current thread:
- CVE-2009-0024 kernel: local privilege escalation in sys_remap_file_pages Eugene Teo (Jan 11)