CVE-2010-4258

Severity

62%

Complexity

19%

Confidentiality

165%

The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call.

The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call.

CVSS 2.0 Base Score 6.2. CVSS Attack Vector: local. CVSS Attack Complexity: high. CVSS Vector: (AV:L/AC:H/Au:N/C:C/I:C/A:C).

Overview

First reported 14 years ago

2010-12-30 19:00:00

Last updated 11 years ago

2013-09-13 06:38:00

Affected Software

Linux Kernel 2.6.0

2.6.0

Linux Kernel 2.6.1

2.6.1

Linux Kernel 2.6.2

2.6.2

Linux Kernel 2.6.3

2.6.3

Linux Kernel 2.6.4

2.6.4

Linux Kernel 2.6.5

2.6.5

Linux Kernel 2.6.6

2.6.6

Linux Kernel 2.6.7

2.6.7

Linux Kernel 2.6.8

2.6.8

Linux Kernel 2.6.8.1

2.6.8.1

Linux Kernel 2.6.9

2.6.9

Linux Kernel 2.6.10

2.6.10

Linux Kernel 2.6.11

2.6.11

Linux Kernel 2.6.11.1

2.6.11.1

Linux Kernel 2.6.11.2

2.6.11.2

Linux Kernel 2.6.11.3

2.6.11.3

Linux Kernel 2.6.11.4

2.6.11.4

Linux Kernel 2.6.11.5

2.6.11.5

Linux Kernel 2.6.11.6

2.6.11.6

Linux Kernel 2.6.11.7

2.6.11.7

Linux Kernel 2.6.11.8

2.6.11.8

Linux Kernel 2.6.11.9

2.6.11.9

Linux Kernel 2.6.11.10

2.6.11.10

Linux Kernel 2.6.11.11

2.6.11.11

Linux Kernel 2.6.11.12

2.6.11.12

Linux Kernel 2.6.12

2.6.12

Linux Kernel 2.6.12.1

2.6.12.1

Linux Kernel 2.6.12.2

2.6.12.2

Linux Kernel 2.6.12.3

2.6.12.3

Linux Kernel 2.6.12.4

2.6.12.4

Linux Kernel 2.6.12.5

2.6.12.5

Linux Kernel 2.6.12.6

2.6.12.6

Linux Kernel 2.6.13

2.6.13

Linux Kernel 2.6.13.1

2.6.13.1

Linux Kernel 2.6.13.2

2.6.13.2

Linux Kernel 2.6.13.3

2.6.13.3

Linux Kernel 2.6.13.4

2.6.13.4

Linux Kernel 2.6.13.5

2.6.13.5

Linux Kernel 2.6.14

2.6.14

Linux Kernel 2.6.14.1

2.6.14.1

Linux Kernel 2.6.14.2

2.6.14.2

Linux Kernel 2.6.14.3

2.6.14.3

Linux Kernel 2.6.14.4

2.6.14.4

Linux Kernel 2.6.14.5

2.6.14.5

Linux Kernel 2.6.14.6

2.6.14.6

Linux Kernel 2.6.14.7

2.6.14.7

Linux Kernel 2.6.15

2.6.15

Linux Kernel 2.6.15.1

2.6.15.1

Linux Kernel 2.6.15.2

2.6.15.2

Linux Kernel 2.6.15.3

2.6.15.3

Linux Kernel 2.6.15.4

2.6.15.4

Linux Kernel 2.6.15.5

2.6.15.5

Linux Kernel 2.6.15.6

2.6.15.6

Linux Kernel 2.6.15.7

2.6.15.7

Linux Kernel 2.6.16.4

2.6.16.4

Linux Kernel 2.6.16.5

2.6.16.5

Linux Kernel 2.6.16.6

2.6.16.6

Linux Kernel 2.6.16.7

2.6.16.7

Linux Kernel 2.6.16.8

2.6.16.8

Linux Kernel 2.6.16.9

2.6.16.9

Linux Kernel 2.6.16.32

2.6.16.32

Linux Kernel 2.6.16.33

2.6.16.33

Linux Kernel 2.6.16.34

2.6.16.34

Linux Kernel 2.6.16.35

2.6.16.35

Linux Kernel 2.6.16.36

2.6.16.36

Linux Kernel 2.6.16.37

2.6.16.37

Linux Kernel 2.6.16.38

2.6.16.38

Linux Kernel 2.6.16.39

2.6.16.39

Linux Kernel 2.6.16.40

2.6.16.40

Linux Kernel 2.6.16.41

2.6.16.41

Linux Kernel 2.6.16.42

2.6.16.42

Linux Kernel 2.6.16.43

2.6.16.43

Linux Kernel 2.6.16.44

2.6.16.44

Linux Kernel 2.6.16.45

2.6.16.45

Linux Kernel 2.6.16.46

2.6.16.46

Linux Kernel 2.6.16.47

2.6.16.47

Linux Kernel 2.6.16.48

2.6.16.48

Linux Kernel 2.6.16.49

2.6.16.49

Linux Kernel 2.6.16.50

2.6.16.50

Linux Kernel 2.6.16.51

2.6.16.51

Linux Kernel 2.6.16.52

2.6.16.52

Linux Kernel 2.6.16.53

2.6.16.53

Linux Kernel 2.6.16.54

2.6.16.54

Linux Kernel 2.16.55

2.6.16.55

Linux Kernel 2.6.16.56

2.6.16.56

Linux Kernel 2.6.16.57

2.6.16.57

Linux Kernel 2.6.16.58

2.6.16.58

Linux Kernel 2.6.16.59

2.6.16.59

Linux Kernel 2.6.16.60

2.6.16.60

Linux Kernel 2.6.16.61

2.6.16.61

Linux Kernel 2.6.16.62

2.6.16.62

Linux Kernel 2.6.17

2.6.17

Linux Kernel 2.6.17.1

2.6.17.1

Linux Kernel 2.6.17.2

2.6.17.2

Linux Kernel 2.6.17.3

2.6.17.3

Linux Kernel 2.6.17.4

2.6.17.4

Linux Kernel 2.6.17.5

2.6.17.5

Linux Kernel 2.6.17.6

2.6.17.6

Linux Kernel 2.6.17.7

2.6.17.7

Linux Kernel 2.6.17.8

2.6.17.8

Linux Kernel 2.6.17.9

2.6.17.9

Linux Kernel 2.6.17.10

2.6.17.10

Linux Kernel 2.6.17.11

2.6.17.11

Linux Kernel 2.6.17.12

2.6.17.12

Linux Kernel 2.6.17.13

2.6.17.13

Linux Kernel 2.6.17.14

2.6.17.14

Linux Kernel 2.6.18

2.6.18

Linux Kernel 2.6.18.1

2.6.18.1

Linux Kernel 2.6.18.2

2.6.18.2

Linux Kernel 2.6.18.3

2.6.18.3

Linux Kernel 2.6.18.4

2.6.18.4

Linux Kernel 2.6.18.5

2.6.18.5

Linux Kernel 2.6.18.6

2.6.18.6

Linux Kernel 2.6.18.7

2.6.18.7

Linux Kernel 2.6.18.8

2.6.18.8

Linux Kernel 2.6.19

2.6.19

Linux Kernel 2.6.19.1

2.6.19.1

Linux Kernel 2.6.19.2

2.6.19.2

Linux Kernel 2.6.19.3

2.6.19.3

Linux Kernel 2.6.19.4

2.6.19.4

Linux Kernel 2.6.19.5

2.6.19.5

Linux Kernel 2.6.19.6

2.6.19.6

Linux Kernel 2.6.19.7

2.6.19.7

Linux Kernel 2.6.20

2.6.20

Linux Kernel 2.6.20.1

2.6.20.1

Linux Kernel 2.6.20.2

2.6.20.2

Linux Kernel 2.6.20.3

2.6.20.3

Linux Kernel 2.6.20.4

2.6.20.4

Linux Kernel 2.6.20.5

2.6.20.5

Linux Kernel 2.6.20.6

2.6.20.6

Linux Kernel 2.6.20.7

2.6.20.7

Linux Kernel 2.6.20.8

2.6.20.8

Linux Kernel 2.6.20.9

2.6.20.9

Linux Kernel 2.6.20.10

2.6.20.10

Linux Kernel 2.6.20.11

2.6.20.11

Linux Kernel 2.6.20.12

2.6.20.12

Linux Kernel 2.6.20.13

2.6.20.13

Linux Kernel 2.6.20.14

2.6.20.14

Linux Kernel 2.6.20.15

2.6.20.15

Linux Kernel 2.6.20.16

2.6.20.16

Linux Kernel 2.6.20.17

2.6.20.17

Linux Kernel 2.6.20.18

2.6.20.18

Linux Kernel 2.6.20.19

2.6.20.19

Linux Kernel 2.6.20.20

2.6.20.20

Linux Kernel 2.6.20.21

2.6.20.21

Linux Kernel 2.6.21

2.6.21

Linux Kernel 2.6.21.1

2.6.21.1

Linux Kernel 2.6.21.2

2.6.21.2

Linux Kernel 2.6.21.3

2.6.21.3

Linux Kernel 2.6.21.4

2.6.21.4

Linux Kernel 2.6.21.5

2.6.21.5

Linux Kernel 2.6.21.6

2.6.21.6

Linux Kernel 2.6.21.7

2.6.21.7

Linux Kernel 2.6.22

2.6.22

Linux Kernel 2.6.22.1

2.6.22.1

Linux Kernel 2.6.22.2

2.6.22.2

Linux Kernel 2.6.22.3

2.6.22.3

Linux Kernel 2.6.22.4

2.6.22.4

Linux Kernel 2.6.22.5

2.6.22.5

Linux Kernel 2.6.22.6

2.6.22.6

Linux Kernel 2.6.22.7

2.6.22.7

Linux Kernel 2.6.22.8

2.6.22.8

Linux Kernel 2.6.22.9

2.6.22.9

Linux Kernel 2.6.22.10

2.6.22.10

Linux Kernel 2.6.22.11

2.6.22.11

Linux Kernel 2.6.22.12

2.6.22.12

Linux Kernel 2.6.22.13

2.6.22.13

Linux Kernel 2.6.22.14

2.6.22.14

Linux Kernel 2.6.22.15

2.6.22.15

Linux Kernel 2.6.22.16

2.6.22.16

Linux Kernel 2.6.22.17

2.6.22.17

Linux Kernel 2.6.22.18

2.6.22.18

Linux Kernel 2.6.22.19

2.6.22.19

Linux Kernel 2.6.22.20

2.6.22.20

Linux Kernel 2.6.22.21

2.6.22.21

Linux Kernel 2.6.22.22

2.6.22.22

Linux Kernel 2.6.23

2.6.23

Linux Kernel 2.6.23 Release Candidate 1

2.6.23

Linux Kernel 2.6.23 release candidate 2

2.6.23

Linux Kernel 2.6.23.1

2.6.23.1

Linux Kernel 2.6.23.2

2.6.23.2

Linux Kernel 2.6.23.3

2.6.23.3

Linux Kernel 2.6.23.4

2.6.23.4

Linux Kernel 2.6.23.5

2.6.23.5

Linux Kernel 2.6.23.6

2.6.23.6

Linux Kernel 2.6.23.7

2.6.23.7

Linux Kernel 2.6.23.8

2.6.23.8

Linux Kernel 2.6.23.9

2.6.23.9

Linux Kernel 2.6.23.10

2.6.23.10

Linux Kernel 2.6.23.11

2.6.23.11

Linux Kernel 2.6.23.12

2.6.23.12

Linux Kernel 2.6.23.13

2.6.23.13

Linux Kernel 2.6.23.14

2.6.23.14

Linux Kernel 2.6.23.16

2.6.23.15

Linux Kernel 2.6.23.16

2.6.23.16

Linux Kernel 2.6.23.17

2.6.23.17

Linux Kernel 2.6.24

2.6.24

Linux Kernel 2.6.24 Release Candidate 1

2.6.24

Linux Kernel 2.6.24 Release Candidate 2

2.6.24

Linux Kernel 2.6.24 Release Candidate 3

2.6.24

Linux Kernel 2.6.24 Release Candidate 4

2.6.24

Linux Kernel 2.6.24 Release Candidate 5

2.6.24

Linux Kernel 2.6.24.1

2.6.24.1

Linux Kernel 2.6.24.2

2.6.24.2

Linux Kernel 2.6.24.3

2.6.24.3

Linux Kernel 2.6.24.4

2.6.24.4

Linux Kernel 2.6.24.5

2.6.24.5

Linux Kernel 2.6.24.6

2.6.24.6

Linux Kernel 2.6.24.7

2.6.24.7

Linux Kernel 2.6.25

2.6.25

Linux Kernel 2.6.25.1

2.6.25.1

Linux Kernel 2.6.25.2

2.6.25.2

Linux Kernel 2.6.25.3

2.6.25.3

Linux Kernel 2.6.25.4

2.6.25.4

Linux Kernel 2.6.25.5

2.6.25.5

Linux Kernel 2.6.25.6

2.6.25.6

Linux Kernel 2.6.25.7

2.6.25.7

Linux Kernel 2.6.25.8

2.6.25.8

Linux Kernel 2.6.25.9

2.6.25.9

Linux Kernel 2.6.25.10

2.6.25.10

Linux Kernel 2.6.25.11

2.6.25.11

Linux Kernel 2.6.25.12

2.6.25.12

Linux Kernel 2.6.25.13

2.6.25.13

Linux Kernel 2.6.25.14

2.6.25.14

Linux Kernel 2.6.25.15

2.6.25.15

Linux Kernel 2.6.25.16

2.6.25.16

Linux Kernel 2.6.25.17

2.6.25.17

Linux Kernel 2.6.25.18

2.6.25.18

Linux Kernel 2.6.25.19

2.6.25.19

Linux Kernel 2.6.25.20

2.6.25.20

Linux Kernel 2.6.26

2.6.26

Linux Kernel 2.6.26.1

2.6.26.1

Linux Kernel 2.6.26.2

2.6.26.2

Linux Kernel 2.6.26.3

2.6.26.3

Linux Kernel 2.6.26.4

2.6.26.4

Linux Kernel 2.6.26.5

2.6.26.5

Linux Kernel 2.6.26.6

2.6.26.6

Linux Kernel 2.6.26.7

2.6.26.7

Linux Kernel 2.6.26.8

2.6.26.8

Linux Kernel 2.6.27

2.6.27

Linux Kernel 2.6.27 Release Candidate 1

2.6.27

Linux Kernel 2.6.27 Release Candidate 2

2.6.27

Linux Kernel 2.6.27 Release Candidate 3

2.6.27

Linux Kernel 2.6.27 Release Candidate 4

2.6.27

Linux Kernel 2.6.27 Release Candidate 5

2.6.27

Linux Kernel 2.6.27 Release Candidate 6

2.6.27

Linux Kernel 2.6.27 Release Candidate 7

2.6.27

Linux Kernel 2.6.27 Release Candidate 8

2.6.27

Linux Kernel 2.6.27 Release Candidate 9

2.6.27

Linux Kernel 2.6.27.1

2.6.27.1

Linux Kernel 2.6.27.2

2.6.27.2

Linux Kernel 2.6.27.3

2.6.27.3

Linux Kernel 2.6.27.4

2.6.27.4

Linux Kernel 2.6.27.5

2.6.27.5

Linux Kernel 2.6.27.6

2.6.27.6

Linux Kernel 2.6.27.7

2.6.27.7

Linux Kernel 2.6.27.8

2.6.27.8

Linux Kernel 2.6.27.9

2.6.27.9

Linux Kernel 2.6.27.10

2.6.27.10

Linux Kernel 2.6.27.11

2.6.27.11

Linux Kernel 2.6.27.12

2.6.27.12

Linux Kernel 2.6.27.13

2.6.27.13

Linux Kernel 2.6.27.14

2.6.27.14

Linux Kernel 2.6.27.15

2.6.27.15

Linux Kernel 2.6.27.16

2.6.27.16

Linux Kernel 2.6.27.17

2.6.27.17

Linux Kernel 2.6.27.18

2.6.27.18

Linux Kernel 2.6.27.19

2.6.27.19

Linux Kernel 2.6.27.20

2.6.27.20

Linux Kernel 2.6.27.21

2.6.27.21

Linux Kernel 2.6.27.22

2.6.27.22

Linux Kernel 2.6.27.23

2.6.27.23

Linux Kernel 2.6.27.24

2.6.27.24

Linux Kernel 2.6.27.25

2.6.27.25

Linux Kernel 2.6.27.26

2.6.27.26

Linux Kernel 2.6.27.27

2.6.27.27

Linux Kernel 2.6.27.28

2.6.27.28

Linux Kernel 2.6.27.29

2.6.27.29

Linux Kernel 2.6.27.30

2.6.27.30

Linux Kernel 2.6.27.31

2.6.27.31

Linux Kernel 2.6.27.32

2.6.27.32

Linux Kernel 2.6.27.33

2.6.27.33

Linux Kernel 2.6.27.34

2.6.27.34

Linux Kernel 2.6.27.35

2.6.27.35

Linux Kernel 2.6.27.36

2.6.27.36

Linux Kernel 2.6.27.37

2.6.27.37

Linux Kernel 2.6.27.38

2.6.27.38

Linux Kernel 2.6.27.39

2.6.27.39

Linux Kernel 2.6.27.40

2.6.27.40

Linux Kernel 2.6.27.41

2.6.27.41

Linux Kernel 2.6.27.42

2.6.27.42

Linux Kernel 2.6.27.43

2.6.27.43

Linux Kernel 2.6.27.44

2.6.27.44

Linux Kernel 2.6.27.45

2.6.27.45

Linux Kernel 2.6.27.51

2.6.27.51

Linux Kernel 2.6.27.52

2.6.27.52

Linux Kernel 2.6.27.53

2.6.27.53

Linux Kernel 2.6.27.54

2.6.27.54

Linux Kernel 2.6.28

2.6.28

Linux Kernel 2.6.28.1

2.6.28.1

Linux Kernel 2.6.28.2

2.6.28.2

Linux Kernel 2.6.28.3

2.6.28.3

Linux Kernel 2.6.28.4

2.6.28.4

Linux Kernel 2.6.28.5

2.6.28.5

Linux Kernel 2.6.28.6

2.6.28.6

Linux Kernel 2.6.28.7

2.6.28.7

Linux Kernel 2.6.28.8

2.6.28.8

Linux Kernel 2.6.28.9

2.6.28.9

Linux Kernel 2.6.28.10

2.6.28.10

Linux Kernel 2.6.29

2.6.29

Linux Kernel 2.6.29.1

2.6.29.1

Linux Kernel 2.6.29.2

2.6.29.2

Linux Kernel 2.6.29.3

2.6.29.3

Linux Kernel 2.6.29.4

2.6.29.4

Linux Kernel 2.6.29.5

2.6.29.5

Linux Kernel 2.6.29.6

2.6.29.6

Linux Kernel 2.6.30

2.6.30

Linux Kernel 2.6.30.1

2.6.30.1

Linux Kernel 2.6.30.2

2.6.30.2

Linux Kernel 2.6.30.3

2.6.30.3

Linux Kernel 2.6.30.4

2.6.30.4

Linux Kernel 2.6.30.5

2.6.30.5

Linux Kernel 2.6.30.6

2.6.30.6

Linux Kernel 2.6.30.7

2.6.30.7

Linux Kernel 2.6.30.8

2.6.30.8

Linux Kernel 2.6.30.9

2.6.30.9

Linux Kernel 2.6.30.10

2.6.30.10

Linux Kernel 2.6.31

2.6.31

Linux Kernel 2.6.31.1

2.6.31.1

Linux Kernel 2.6.31.2

2.6.31.2

Linux Kernel 2.6.31.3

2.6.31.3

Linux Kernel 2.6.31.4

2.6.31.4

Linux Kernel 2.6.31.5

2.6.31.5

Linux Kernel 2.6.31.6

2.6.31.6

Linux Kernel 2.6.31.7

2.6.31.7

Linux Kernel 2.6.31.8

2.6.31.8

Linux Kernel 2.6.31.9

2.6.31.9

Linux Kernel 2.6.31.10

2.6.31.10

Linux Kernel 2.6.31.11

2.6.31.11

Linux Kernel 2.6.31.12

2.6.31.12

Linux Kernel 2.6.31.13

2.6.31.13

Linux Kernel 2.6.31.14

2.6.31.14

Linux Kernel 2.6.32

2.6.32

Linux Kernel 2.6.32.1

2.6.32.1

Linux Kernel 2.6.32.2

2.6.32.2

Linux Kernel 2.6.32.3

2.6.32.3

Linux Kernel 2.6.32.4

2.6.32.4

Linux Kernel 2.6.32.5

2.6.32.5

Linux Kernel 2.6.32.6

2.6.32.6

Linux Kernel 2.6.32.7

2.6.32.7

Linux Kernel 2.6.32.8

2.6.32.8

Linux Kernel 2.6.32.9

2.6.32.9

Linux Kernel 2.6.32.10

2.6.32.10

Linux Kernel 2.6.32.11

2.6.32.11

Linux Kernel 2.6.32.12

2.6.32.12

Linux Kernel 2.6.32.13

2.6.32.13

Linux Kernel 2.6.32.14

2.6.32.14

Linux Kernel 2.6.32.15

2.6.32.15

Linux Kernel 2.6.32.16

2.6.32.16

Linux Kernel 2.6.32.17

2.6.32.17

Linux Kernel 2.6.32.18

2.6.32.18

Linux Kernel 2.6.32.19

2.6.32.19

Linux Kernel 2.6.32.20

2.6.32.20

Linux Kernel 2.6.32.21

2.6.32.21

Linux Kernel 2.6.32.22

2.6.32.22

Linux Kernel 2.6.32.23

2.6.32.23

Linux Kernel 2.6.33

2.6.33

Linux Kernel 2.6.33.1

2.6.33.1

Linux Kernel 2.6.33.2

2.6.33.2

Linux Kernel 2.6.33.3

2.6.33.3

Linux Kernel 2.6.33.4

2.6.33.4

Linux Kernel 2.6.33.5

2.6.33.5

Linux Kernel 2.6.33.6

2.6.33.6

Linux Kernel 2.6.33.7

2.6.33.7

Linux Kernel 2.6.34

2.6.34

Linux Kernel 2.6.34.1

2.6.34.1

Linux Kernel 2.6.34.2

2.6.34.2

Linux Kernel 2.6.34.3

2.6.34.3

Linux Kernel 2.6.34.4

2.6.34.4

Linux Kernel 2.6.34.5

2.6.34.5

Linux Kernel 2.6.34.6

2.6.34.6

Linux Kernel 2.6.34.7

2.6.34.7

Linux Kernel 2.6.35

2.6.35

Linux Kernel 2.6.35.1

2.6.35.1

Linux Kernel 2.6.35.2

2.6.35.2

Linux Kernel 2.6.35.3

2.6.35.3

Linux Kernel 2.6.35.4

2.6.35.4

Linux Kernel 2.6.35.5

2.6.35.5

Linux Kernel 2.6.35.6

2.6.35.6

Linux Kernel 2.6.35.7

2.6.35.7

Linux Kernel 2.6.35.8

2.6.35.8

Linux Kernel 2.6.35.9

2.6.35.9

Linux Kernel 2.6.36

2.6.36

Linux Kernel

References

20101207 Linux kernel exploit

Exploit

http://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/

http://code.google.com/p/chromium-os/issues/detail?id=10234

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=33dd94ae1ccbfb7bf0fb6c692bc3d1c4269e6177

Patch

http://googlechromereleases.blogspot.com/2011/01/chrome-os-beta-channel-update.html

FEDORA-2010-18983

SUSE-SA:2011:001

SUSE-SA:2011:002

SUSE-SA:2011:004

SUSE-SA:2011:005

SUSE-SA:2011:007

SUSE-SA:2011:008

[linux-kernel] 20101201 [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS.

Patch

[oss-security] 20101202 CVE request: kernel: failure to revert address limit override in OOPS error path

[oss-security] 20101202 kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses

[oss-security] 20101202 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses

[oss-security] 20101202 Re: CVE request: kernel: failure to revert address limit override in OOPS error path

[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses

[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses

[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses

[oss-security] 20101209 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses

[oss-security] 20101209 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses

42745

42778

42801

42932

43056

43291

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2

MDVSA-2011:029

ADV-2010-3321

ADV-2011-0012

ADV-2011-0124

ADV-2011-0213

ADV-2011-0298

ADV-2011-0375

https://bugzilla.redhat.com/show_bug.cgi?id=659567

[linux-kernel] 20101201 Re: [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS.

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.