[oss-security] CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack

From: Eugene Teo <eugene_at_nospam>
Date: Thu Feb 17 2011 - 07:13:49 GMT
To: oss-security@lists.openwall.com

"Transparent hugepages can only be created if rmap is fully functional.
A specially crafted binary could allow the user stack to grow huge and
backed by hugepages without this patch while is_vma_temporary_stack() is
true.

This also optmizes away some harmless but unnecessary setting of
khugepaged_scan.address and it switches some BUG_ON to VM_BUG_ON."

mm/huge_memory.c - introduced in 71e3aac0 (v2.6.38-rc1)

https://bugzilla.redhat.com/show_bug.cgi?id=678209
http://git.kernel.org/linus/a7d6e4ecdb7648478ddec76d30d87d03d6e22b31

Thanks, Eugene

This message: [ Message body ]
Next message: Nico Golde: "[oss-security] CVE id request: telepathy-gabble"
Previous message: Eugene Teo: "Re: [oss-security] CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicast"
Next in thread: Josh Bressers: "Re: [oss-security] CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack"
Reply: Josh Bressers: "Re: [oss-security] CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]