oss-sec mailing list archives
Re: CVE request - Linux Kernel KGDB/ppc issue
From: Eugene Teo <eugene () redhat com>
Date: Fri, 30 Apr 2010 08:44:55 +0800
On 04/29/2010 10:13 AM, Hui Zhu wrote:
> Hi All,
>
> The problem is that if KGDB is enabled on a powerpc board, a test that checks if a page is user or kernel is bypassed. This means that a user can write to arbitrary kernel address space.
>
> Upon further investigation, we found that kernels older than the v2.6.30-rc1 release have the same problem for non-booke ppc chips (74xx, 8641D), so we need two patches for kernels up to that date, and then one patch for ones after that date.
http://www.mail-archive.com/linuxppc-dev () lists ozlabs org/msg30044.html
Sun, 01 Mar 2009 22:25:03 -0800

"Note: While at it, I removed a non-sensical statement related to CONFIG_KGDB in ppc_mmu_32.c which could cause kernel mappings to be user accessible when that option is enabled. Probably something that bitrot."
Eugene