Linux Kernel binfmt_elf.c Malformed elf Entry Address Local DoS

2006-02-26T10:32:35
ID OSVDB:23607
Type osvdb
Reporter OSVDB
Modified 2006-02-26T10:32:35

Description

Vulnerability Description

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered because the code in binfmt_elf.c fails to properly validate the entry address of ELF executables. With a crafted ELF binary, the kernel can be forced to enter an inifite loop, which will result in loss of availability for the platform.

Note that the issue is only present on non-AMD x86_64 systems.

Solution Description

Upgrade to version 2.6.15.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered because the code in binfmt_elf.c fails to properly validate the entry address of ELF executables. With a crafted ELF binary, the kernel can be forced to enter an inifite loop, which will result in loss of availability for the platform.

Note that the issue is only present on non-AMD x86_64 systems.

References:

Vendor Specific News/Changelog Entry: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.5 Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1015724 Secunia Advisory ID:19083 Secunia Advisory ID:19220 Secunia Advisory ID:20671 Secunia Advisory ID:21983 Secunia Advisory ID:20398 Secunia Advisory ID:19108 Secunia Advisory ID:20237 Secunia Advisory ID:21136 Secunia Advisory ID:21745 Related OSVDB ID: 23605 Related OSVDB ID: 23606 RedHat RHSA: RHSA-2006:0493 RedHat RHSA: RHSA-2006:0437 Other Advisory URL: http://www.us.debian.org/security/2006/dsa-1097 ISS X-Force ID: 25001 FrSIRT Advisory: ADV-2006-0804 CVE-2006-0741 Bugtraq ID: 16925