Linux Kernel on AMD64 Crafted syscall() Argument Local DoS

2005-06-27T11:36:25
ID OSVDB:17545
Type osvdb
Reporter ZouNanHai()
Modified 2005-06-27T11:36:25

Description

Vulnerability Description

Linux Kernel on AMD64 contains a flaw that may allow a local denial of service on while in 32-bit compatibility mode. The issue is due to an error in fault.c and can cause the kernel to crash when handling specially crafted syscall() arguments, and will result in loss of availability for the platform.

Solution Description

Upgrade to version 2.6.8.1-16.20 (for Ubuntu 4.10) and 2.6.10-34.3 (for Ubuntu 5.04) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Linux Kernel on AMD64 contains a flaw that may allow a local denial of service on while in 32-bit compatibility mode. The issue is due to an error in fault.c and can cause the kernel to crash when handling specially crafted syscall() arguments, and will result in loss of availability for the platform.

References:

Vendor Specific Advisory URL Security Tracker: 1014303 Secunia Advisory ID:18056 Secunia Advisory ID:15812 Other Advisory URL: http://www.debian.org/security/2005/dsa-922 CVE-2005-1765