oss-sec mailing list archives

Re: CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack

From: Josh Bressers <bressers () redhat com>
Date: Thu, 17 Feb 2011 15:34:55 -0500 (EST)

Please use CVE-2011-0999.

Thanks.

-- 
    JB

----- Original Message -----

"Transparent hugepages can only be created if rmap is fully
functional.
A specially crafted binary could allow the user stack to grow huge and
backed by hugepages without this patch while is_vma_temporary_stack()
is
true.

This also optmizes away some harmless but unnecessary setting of
khugepaged_scan.address and it switches some BUG_ON to VM_BUG_ON."

mm/huge_memory.c - introduced in 71e3aac0 (v2.6.38-rc1)

https://bugzilla.redhat.com/show_bug.cgi?id=678209
http://git.kernel.org/linus/a7d6e4ecdb7648478ddec76d30d87d03d6e22b31

Thanks, Eugene

Current thread:

CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack Eugene Teo (Feb 16)
- Re: CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack Josh Bressers (Feb 17)