Bug 23914

Summary: CVE-2010-2240 kernel: mm: keep a guard page below a grow-down stack segment
Product: Sisyphus Reporter: Dmitry V. Levin <ldv>
Component: kernel-image-tmc-tcAssignee: Michael Shigorin <mike>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: aspsk, boris, boyarsh, ldv, mike, mithraen, oddity, rider, shrek, silicium, sin, vitty, vsu, zerg
Version: unstableKeywords: security
Hardware: all   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2240

Comment 1 Michael Shigorin 2010-08-20 03:54:01 MSD
Какой именно фикс предлагается использовать?
320b2b8de12698082609ebbc1a17165727f4c893 сочли достаточным или нет?
Comment 2 Dmitry V. Levin 2010-08-20 04:48:26 MSD
----- Forwarded message from Greg KH -----

> >You need more than just that one patch to solve all of the issues here.
> >The latest round of stable kernel releases have all of the needed
> >patches, with the exception of the .27-stable kernel, that one is still
> >out for review for more testing.
> 
> Greg, did I miss out any?
> 
> http://git.kernel.org/linus/320b2b8de12698082609ebbc1a17165727f4c893
> http://git.kernel.org/linus/5528f9132cf65d4d892bcbc5684c61e7822b21e9
> http://git.kernel.org/linus/96054569190bdec375fe824e48ca1f4e3b53dd36
> http://git.kernel.org/linus/11ac552477e32835cb6970bf0a70c210807f5673
> http://git.kernel.org/linus/d7824370e26325c881b665350ce64fb0a4fde24a

No, I think that's it.

But watch out if you have kernels older than 2.6.28, the above patches
don't apply there properly.  I have released a 2.6.27.52-rc3 with them
reworked, but I don't really feel comfortable with it at the moment, so
any help and testing would be greatly appreciated.

----- End forwarded message -----
Comment 3 Michael Shigorin 2010-08-20 13:59:02 MSD
(В ответ на комментарий №2)
> But watch out if you have kernels older than 2.6.28, the above patches
> don't apply there properly.  I have released a 2.6.27.52-rc3 with them
> reworked, but I don't really feel comfortable with it at the moment, so
> any help and testing would be greatly appreciated.
Думаю дождаться 2.6.27.52, атака на терминал чревата максимум доступом в локальную сеть с правами root (и к примонтированным флэшкам-сидюшкам).

Если получится раньше, попробую прикрутить SUSE'шный патч, хотя что-то подсказывает, что быстрее выйдет 2.6.27.y.

Спасибо!
Comment 4 Michael Shigorin 2010-08-21 15:44:23 MSD
Дождался.
Comment 5 Repository Robot 2010-08-21 20:10:04 MSD
kernel-image-tmc-tc-2.6.27-alt10 -> sisyphus:

* Sat Aug 21 2010 Michael Shigorin <mike@altlinux> 2.6.27-alt10
- 2.6.27.52: fixes local root vulnerability CVE-2010-2240
  (kernel: mm: keep a guard page below a grow-down stack segment)
  + thanks ldv@ for convenient support (closes: #23914)