Re: CVE request - Linux Kernel KGDB/ppc issue

[Eugene Teo <eugene () redhat com>]

On 04/29/2010 10:13 AM, Hui Zhu wrote:
> Hi All,
>
> The problem is that if KGDB is enabled on a powerpc board, a
> test that checks if a page is user or kernel is bypassed.
> This means that a user can write to arbitrary kernel address space.
>
> Upon further investigation, we found that kernels older than
> the v2.6.30-rc1 release have the same problem for non-booke
> ppc chips (74xx, 8641D), so we need two patches for kernels
> up to that date, and then one patch for ones after that date.

http://www.mail-archive.com/linuxppc-dev () lists ozlabs org/msg30044.html
Sun, 01 Mar 2009 22:25:03 -0800

"Note: While at it, I removed a non-sensical statement related to 
CONFIG_KGDB in ppc_mmu_32.c which could cause kernel mappings to be user 
accessible when that option is enabled. Probably something that bitrot."

Eugene