* Security update patch to 2.6.3 for mremap()?
@ 2004-02-19 14:37 Nur Hussein
2004-02-19 16:00 ` Diego Calleja García
0 siblings, 1 reply; 7+ messages in thread
From: Nur Hussein @ 2004-02-19 14:37 UTC (permalink / raw)
To: linux-kernel
Greetings,
I was searching the source and changelogs of 2.6.3 to find the specific
patch that fixed the recent security hole discovered in mremap()
http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
I found Andrew Morton's changelog entry that touched mremap:
http://linux.bkbits.net:8080/linux-2.5/cset@1.1557.2.83?nav=index.html|ChangeSet@-2d
I noticed however, that a fix to the same problem in 2.4.25 sent by
Andrea Arcangeli adds only one line to a different section of code:
http://linux.bkbits.net:8080/linux-2.4/diffs/mm/mremap.c@1.7?nav=cset@1.1136.94.4
Is this line missing from 2.6.3, or did Andrew Morton's fixes address
the problem already?
-= Nur Hussein =-
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: Security update patch to 2.6.3 for mremap()?
2004-02-19 14:37 Security update patch to 2.6.3 for mremap()? Nur Hussein
@ 2004-02-19 16:00 ` Diego Calleja García
2004-02-19 17:37 ` Chris Wright
2004-02-19 17:43 ` Nur Hussein
0 siblings, 2 replies; 7+ messages in thread
From: Diego Calleja García @ 2004-02-19 16:00 UTC (permalink / raw)
To: Nur Hussein; +Cc: linux-kernel
El Thu, 19 Feb 2004 22:37:46 +0800 Nur Hussein <obiwan@slackware.org.my> escribió:
> I noticed however, that a fix to the same problem in 2.4.25 sent by
> Andrea Arcangeli adds only one line to a different section of code:
>
> http://linux.bkbits.net:8080/linux-2.4/diffs/mm/mremap.c@1.7?nav=cset@1.1136.94.4
AFAIK, the 2.4 path should be this one, shouldn't it?
http://linux.bkbits.net:8080/linux-2.4/patch@1.1323?nav=index.html|ChangeSet@-2d|cset@1.1323
> Is this line missing from 2.6.3, or did Andrew Morton's fixes address
> the problem already?
The 2.6 should be this one (comitted 15 days ago):
http://linux.bkbits.net:8080/linux-2.5/diffs/mm/mremap.c@1.38?nav=index.html|src/|src/mm|hist/mm/mremap.c
2.6.3 is safe, it seems
PD: Your mailer is doing very weird things.
Diego Calleja
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Security update patch to 2.6.3 for mremap()?
2004-02-19 16:00 ` Diego Calleja García
@ 2004-02-19 17:37 ` Chris Wright
2004-02-19 17:43 ` Nur Hussein
1 sibling, 0 replies; 7+ messages in thread
From: Chris Wright @ 2004-02-19 17:37 UTC (permalink / raw)
To: Diego Calleja García; +Cc: Nur Hussein, linux-kernel
* Diego Calleja García (diegocg@teleline.es) wrote:
> El Thu, 19 Feb 2004 22:37:46 +0800 Nur Hussein <obiwan@slackware.org.my> escribió:
> > http://linux.bkbits.net:8080/linux-2.4/diffs/mm/mremap.c@1.7?nav=cset@1.1136.94.4
>
> AFAIK, the 2.4 path should be this one, shouldn't it?
> http://linux.bkbits.net:8080/linux-2.4/patch@1.1323?nav=index.html|ChangeSet@-2d|cset@1.1323
yep.
> > Is this line missing from 2.6.3, or did Andrew Morton's fixes address
> > the problem already?
>
> The 2.6 should be this one (comitted 15 days ago):
> http://linux.bkbits.net:8080/linux-2.5/diffs/mm/mremap.c@1.38?nav=index.html|src/|src/mm|hist/mm/mremap.c
> 2.6.3 is safe, it seems
yep.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Security update patch to 2.6.3 for mremap()?
2004-02-19 16:00 ` Diego Calleja García
2004-02-19 17:37 ` Chris Wright
@ 2004-02-19 17:43 ` Nur Hussein
2004-02-19 17:56 ` Chris Wright
1 sibling, 1 reply; 7+ messages in thread
From: Nur Hussein @ 2004-02-19 17:43 UTC (permalink / raw)
To: linux-kernel
Thank you for the clarification, and I apologize for my previous email
which went horribly wrong wrt formatting.
> AFAIK, the 2.4 path should be this one, shouldn't it?
> http://linux.bkbits.net:8080/linux-2.4/patch@1.1323?nav=index.html|ChangeSet@-2d|cset@1.1323
> http://linux.bkbits.net:8080/linux-2.5/diffs/mm/mremap.c@1.38?nav=index.html|src/|src/mm|hist/mm/mremap.c
> 2.6.3 is safe, it seems
Yes, those two patches seem to match up.
However, I am still intrigued by this fix:
http://linux.bkbits.net:8080/linux-2.4/diffs/mm/mremap.c@1.7?nav=cset@1.1136.94.4
It does not seem to be in 2.6.3. I can only assume 2.6.x does not
require it? The Changeset says it is to prevent a potential exploit by
the malicious use of mremap().
-= Nur Hussein =-
^ permalink raw reply [flat|nested] 7+ messages in thread
[parent not found: <200402200946.i1K9k2OH015422@sunrise.pg.gda.pl>]
end of thread, other threads:[~2004-02-20 10:13 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-02-19 14:37 Security update patch to 2.6.3 for mremap()? Nur Hussein
2004-02-19 16:00 ` Diego Calleja García
2004-02-19 17:37 ` Chris Wright
2004-02-19 17:43 ` Nur Hussein
2004-02-19 17:56 ` Chris Wright
2004-02-20 6:44 ` mremap patches for 2.4 and 2.2? Ville Herva
[not found] <200402200946.i1K9k2OH015422@sunrise.pg.gda.pl>
2004-02-20 10:13 ` Andrzej Krzysztofowicz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox