TECHNICAL BULLETIN
| PROBLEM: | The Linux kernel is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. |
| PLATFORM: | Linux Kernel 2.6.31-rc1 through 2.6.31 |
| ABSTRACT: | If oversized data is passed to the perf_counter_open() syscall, the kernel copies it into a small buffer, which causes a kernel crash. |
| LINKS: | |
| DOE-CIRC BULLETIN: | http://www.doecirc.energy.gov/bulletins/t-234.shtml |
| OTHER LINKS: | Security Focus: http://www.securityfocus.com/bid/36423/info; Linux Kernel Homepage: http://www.kernel.org/ |
| IMPACT ASSESSMENT: | This risk is medium. Local attackers may be able to exploit this issue to run arbitrary code with elevated privileges. Failed exploit attempts may crash the affected kernel, denying service to legitimate users. |
Discussion: The Linux kernel is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Local attackers may be able to exploit this issue to run arbitrary code with elevated privileges. Failed exploit attempts may crash the affected kernel, denying service to legitimate users.

Exploit Code is available at: http://www.securityfocus.com/data/vulnerabilities/exploits/36423.tgz

Vulnerable:
Linux kernel 2.6.31 -rc7
Linux kernel 2.6.31 -rc6
Linux kernel 2.6.31 -rc3
Linux kernel 2.6.31 -rc1
Linux kernel 2.6.31
Linux kernel 2.6.31-rc9
Linux kernel 2.6.31-rc8
Linux kernel 2.6.31-rc7
Linux kernel 2.6.31-rc5-git3

Solution: The vendor has supplied patches at the following address: http://www.kernel.org/
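To triage hosts against the platform range given in this bulletin (2.6.31-rc1 through 2.6.31), the following added example, which is not part of the original bulletin, classifies a kernel release string such as the output of `uname -r`. The function name `classify_kernel` and its three output labels are hypothetical, and the sample release strings in the comments are constructed.

```sh
#!/bin/sh
# Added example: classify a kernel release string against the range this
# bulletin lists as affected (2.6.31-rc1 through 2.6.31).
# classify_kernel and its output labels are hypothetical names.

classify_kernel() {
    rel=$1
    base=${rel%%-*}                # text before the first '-', e.g. 2.6.31
    case $rel in
        *-*) suffix=${rel#*-} ;;   # text after the first '-', e.g. rc5-git3
        *)   suffix= ;;
    esac

    # Only the 2.6.31 base version is inside the bulletin's range; 2.6.30,
    # 2.6.31.1, 2.6.32-rc1 and so on fall outside it.
    if [ "$base" != "2.6.31" ]; then
        echo out-of-range
        return 0
    fi

    case $suffix in
        "")
            echo in-range ;;       # the 2.6.31 release itself
        rc[1-9]*)
            echo in-range ;;       # rc1 and later, including rc5-git3
        *)
            # Vendor builds such as 2.6.31-14-generic (constructed sample)
            # share the base version but may carry backported fixes; the
            # version string alone cannot settle it.
            echo in-range-check-vendor ;;
    esac
}

# Report on the running kernel.
running=$(uname -r)
echo "$running: $(classify_kernel "$running")"
```

A result of `in-range-check-vendor` means the distribution's own advisory has to be consulted before treating the host as patched or unpatched.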
Voice: 866-941-2472
E-mail: doecirc@doecirc.energy.gov
World Wide Web: http://www.doecirc.energy.gov