oss-sec mailing list archives
CVE request: kernel: perf bug
From: Eugene Teo <eugene () redhat com>
Date: Mon, 15 Nov 2010 12:53:32 +0800
Upstream commit dab5855 ("perf_counter: Add mmap event hooks to mprotect()") is fundamentally wrong as mprotect_fixup() can free 'vma' due to merging. Fix the problem by moving perf_event_mmap() hook to mprotect_fixup(). In certain scenario, a local, unprivileged user could use this flaw to trigger a denial of service.
Upstream commit: http://git.kernel.org/linus/63bfd7384b119409685a17d5c58f0b56e5dc03da https://bugzilla.redhat.com/show_bug.cgi?id=651671PS: I thought I requested a CVE name for this already, but it turns out I did not.
Thanks, Eugene -- main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
Current thread:
- CVE request: kernel: perf bug Eugene Teo (Nov 14)
- <Possible follow-ups>
- Re: CVE request: kernel: perf bug Josh Bressers (Nov 15)