Linux Kernel SYS_EPoll_Wait Local Integer Overflow Vulnerability
BID:12763
Info
| Bugtraq ID: | 12763 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2005-0736 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 09 2005 12:00AM |
| Updated: | Aug 05 2010 07:45PM |
| Credit: | Georgi Guninski is credited with the discovery of this issue. |
| Vulnerable: | Redhat Fedora Core3, Redhat Fedora Core2, Redhat Enterprise Linux WS 4, Redhat Enterprise Linux ES 4, Redhat Enterprise Linux AS 4, Redhat Desktop 4.0, Linux kernel 2.6.11, Linux kernel 2.6.10, Linux kernel 2.6.9, Linux kernel 2.6.8, Linux kernel 2.6.7, Linux kernel 2.6.6, Linux kernel 2.6.5, Linux kernel 2.6.4, Linux kernel 2.6.3, Linux kernel 2.6.2, Linux kernel 2.6.1, Linux kernel 2.6 |
| Not Vulnerable: | |
Discussion
A local integer overflow vulnerability affects the Linux kernel. This issue is due to a failure of the affected kernel to properly handle user-supplied size values.
An attacker may leverage this issue to overwrite low kernel memory. This may potentially facilitate privilege escalation.
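The bug class described above, a user-supplied count multiplied by an element size before the range check, is shown here as an added example beside its hardened form. It is not kernel source and not part of the advisory; REC_SIZE, MAX_RECS, the function names and the sample values are assumptions made for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

#define REC_SIZE 12u                   /* assumed element size (illustrative) */
#define MAX_RECS (INT_MAX / REC_SIZE)  /* largest count whose byte size cannot wrap */

/* Byte length as 32-bit arithmetic computes it: the product wraps modulo 2^32. */
static uint32_t len32(int count) { return (uint32_t)count * REC_SIZE; }

/* Byte length a per-element copy would really cover, computed without wrapping. */
uint64_t true_len(int count) { return (uint64_t)count * REC_SIZE; }

/* Weak form: the range check is run on the wrapped length. */
int validate_weak(int count, uint32_t writable)
{
    if (count <= 0)
        return -1;
    return len32(count) <= writable ? 0 : -1;
}

/* Hardened form: bound the count first, so the multiplication cannot wrap. */
int validate_hardened(int count, uint32_t writable)
{
    if (count <= 0 || (uint32_t)count > MAX_RECS)
        return -1;
    return len32(count) <= writable ? 0 : -1;
}

int main(void)
{
    int count = 357913942;             /* constructed: 357913942 * 12 = 2^32 + 8 */
    uint32_t writable = 64;            /* constructed: caller's buffer is 64 bytes */

    printf("true length    : %llu bytes\n", (unsigned long long)true_len(count));
    printf("wrapped length : %u bytes\n", (unsigned)len32(count));
    printf("weak check     : %d\n", validate_weak(count, writable));
    printf("hardened check : %d\n", validate_hardened(count, writable));
    return 0;
}
```

The weak check accepts the request because it only ever sees the wrapped 8-byte length; the hardened check rejects it before any multiplication takes place.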
Exploit / POC
The researcher has published a proof of concept exploit. Please contact the discoverer for further information.
The following exploit 'k-rad3.c' has been made available.
Solution / Fix
Solution:
RedHat has released an advisory (FEDORA-2005-262) and fixes for Fedora Core 2. Please see the referenced advisory for further information.
Ubuntu has released advisory USN-95-1 to address this issue. Please see the referenced advisory for more information.
RedHat has released advisory FEDORA-2005-313 to address this issue for Fedora Core 3. Please see the referenced advisory for further information.
RedHat has released advisory RHSA-2005:366-19 to address this and other issues in RedHat Enterprise Linux 4 and RedHat Desktop 4 operating systems. Please see the referenced advisory for further information.
Red Hat released advisory RHSA-2005:293-16 as well as fixes to address this and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisories for additional information.
Conectiva Linux has released advisory CLA-2005:952 addressing this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.
Linux kernel 2.6.5
- Fedora kernel-2.6.10-1.771_FC2.i586.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-2.6.10-1.771_FC2.i686.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-2.6.10-1.771_FC2.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-debuginfo-2.6.10-1.771_FC2.i586.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-debuginfo-2.6.10-1.771_FC2.i686.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-debuginfo-2.6.10-1.771_FC2.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-doc-2.6.10-1.771_FC2.noarch.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-smp-2.6.10-1.771_FC2.i586.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-smp-2.6.10-1.771_FC2.i686.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-smp-2.6.10-1.771_FC2.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora kernel-sourcecode-2.6.10-1.771_FC2.noarch.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
Linux kernel 2.6.9
- Fedora kernel-2.6.11-1.14_FC3.i586.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora kernel-2.6.11-1.14_FC3.i686.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora kernel-2.6.11-1.14_FC3.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora kernel-debuginfo-2.6.11-1.14_FC3.i586.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora kernel-debuginfo-2.6.11-1.14_FC3.i686.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora kernel-debuginfo-2.6.11-1.14_FC3.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora kernel-doc-2.6.11-1.14_FC3.noarch.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora kernel-smp-2.6.11-1.14_FC3.i586.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora kernel-smp-2.6.11-1.14_FC3.i686.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora kernel-smp-2.6.11-1.14_FC3.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/