Hello,
CAN-2005-0204 reads:
Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T
architectures, allows local users to write to privileged IO ports via
the OUTS instruction.
Although this says "before 2.6.9" this *includes* 2.6.8 (and 2.4.29)
as well as 2.6.9 and apparantly it includes 2.6.10 and soon to be
released 2.6.11 based on my browsing through the changelogs and not
seeing a mention of this, or that particular file being changed. I do
see that the particular function where this is located has changed
slightly, the patch still seems applicable.
Kernel 2.4.29 appears to have a similar vulnerability, although this
patch would not apply cleanly to that tree, but looks relatively
trivial to modify appropriately.
Apparantly this hole has not migrated upstream somehow and so I am
posting this message to find out where its at.
REDHAT:RHSA-2005:092
URL:http://www.redhat.com/support/errata/RHSA-2005-092.html
The RedHat bug associated with this is located at:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=148855
A patch to fix the problem is located here (also linked to the RedHat bug):
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=110424&action=view
This apparantly only affects AMD64 and EM64T.
Thanks,
micah
* micah milano ([email protected]) wrote:
> CAN-2005-0204 reads:
[snip]
> This apparantly only affects AMD64 and EM64T.
It also does not effect mainstream kernels. IIRC, it turns out to be
a problem introduced with 4G/4G patch which is not in mainline.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
On Mon, Feb 28, 2005 at 02:20:11PM -0800, Chris Wright wrote:
> * micah milano ([email protected]) wrote:
> > CAN-2005-0204 reads:
>
> [snip]
>
> > This apparantly only affects AMD64 and EM64T.
>
> It also does not effect mainstream kernels. IIRC, it turns out to be
> a problem introduced with 4G/4G patch which is not in mainline.
Correct.
Dave