[CAN-2005-0204]: AMD64, allows local users to write to privileged IO ports via OUTS instruction

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: micah milano <micaho@gmail.com>
To: linux-kernel@vger.kernel.org
Subject: [CAN-2005-0204]: AMD64, allows local users to write to privileged IO ports via OUTS instruction
Date: Mon, 28 Feb 2005 15:27:13 -0600	[thread overview]
Message-ID: <70fda32050228132743998647@mail.gmail.com> (raw)

Hello,

CAN-2005-0204 reads:

Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T
architectures, allows local users to write to privileged IO ports via
the OUTS instruction.

Although this says "before 2.6.9" this *includes* 2.6.8 (and 2.4.29)
as well as  2.6.9 and apparantly it includes 2.6.10 and soon to be
released 2.6.11 based on my browsing through the changelogs and not
seeing a mention of this, or that particular file being changed. I do
see that the particular function where this is located has changed
slightly, the patch still seems applicable.

Kernel 2.4.29 appears to have a similar vulnerability, although this
patch would not apply cleanly to that tree, but looks relatively
trivial to modify appropriately.

Apparantly this hole has not migrated upstream somehow and so I am
posting this message to find out where its at.

REDHAT:RHSA-2005:092
URL:http://www.redhat.com/support/errata/RHSA-2005-092.html

The RedHat bug associated with this is located at:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=148855

A patch to fix the problem is located here (also linked to the RedHat bug):
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=110424&action=view

This apparantly only affects AMD64 and EM64T.

Thanks,
micah

next             reply	other threads:[~2005-02-28 21:27 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-02-28 21:27 micah milano [this message]
2005-02-28 22:20 ` [CAN-2005-0204]: AMD64, allows local users to write to privileged IO ports via OUTS instruction Chris Wright
2005-02-28 22:50   ` Dave Jones

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=70fda32050228132743998647@mail.gmail.com \
    --to=micaho@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox