Linux Kernel restore_all Function Local DoS

2006-08-23T18:49:39
ID OSVDB:28120
Type osvdb
Reporter Marcel Holtmann(marcel@trifinite.org)
Modified 2006-08-23T18:49:39

Description

Vulnerability Description

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when an application provides an incorrect %ds or %es register to the path in arch/i386/kernel/entry.S:restore_all, and will result in kernel panic.

Solution Description

Upgrade to Linux kernel version 2.6.10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when an application provides an incorrect %ds or %es register to the path in arch/i386/kernel/entry.S:restore_all, and will result in kernel panic.

References:

Vendor Specific News/Changelog Entry: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.10 Vendor Specific Advisory URL Secunia Advisory ID:22093 Secunia Advisory ID:21605 Secunia Advisory ID:22174 RedHat RHSA: RHSA-2006:0617 Other Advisory URL: http://www.us.debian.org/security/2006/dsa-1184 Generic Informational URL: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196280 Generic Informational URL: http://linux.bkbits.net:8080/linux-2.6/cset@4182a613oVsK0-8eCWpyYFrUf8rhLA Generic Informational URL: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=144658 FrSIRT Advisory: ADV-2006-3378 CVE-2006-2932