oss-sec mailing list archives
Re: CVE request - Linux Kernel KGDB/ppc issue
From: Josh Bressers <bressers () redhat com>
Date: Thu, 29 Apr 2010 15:23:37 -0400 (EDT)
Please use CVE-2010-1446 for this. Thanks -- JB ----- "Hui Zhu" <hui.zhu () windriver com> wrote:
Hi All, The problem is that if KGDB is enabled on a powerpc board, a test that checks if a page is user or kernel is bypassed. This means that a user can write to arbitrary kernel address space. Upon further investigation, we found that kernels older than the v2.6.30-rc1 release have the same problem for non-booke ppc chips (74xx, 8641D), so we need two patches for kernels up to that date, and then one patch for ones after that date. Thanks, Hui
Current thread:
- CVE request - Linux Kernel KGDB/ppc issue Hui Zhu (Apr 28)
- Re: CVE request - Linux Kernel KGDB/ppc issue Eugene Teo (Apr 28)
- Re: CVE request - Linux Kernel KGDB/ppc issue Josh Bressers (Apr 29)
- Re: CVE request - Linux Kernel KGDB/ppc issue Eugene Teo (Apr 29)