oss-security September 2010 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: [oss-security] CVE-2010-3081 kernel: 64-bit Compat

[oss-security] CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow

From: Eugene Teo <eugeneteo_at_nospam>
Date: Thu Sep 16 2010 - 05:33:13 GMT
To: oss-security@lists.openwall.com

Reported by Ben Hawkes. "A vulnerability in the 32-bit compatibility
layer for 64-bit systems was reported. It is caused by insecure
allocation of user space memory when translating system call inputs to
64-bit. A stack pointer underflow can occur when using the
"compat_alloc_user_space" method with an arbitrary length input."

Reference:
http://sota.gen.nz/compat1/
https://bugzilla.redhat.com/CVE-2010-3081

Upstream commit:
http://git.kernel.org/linus/c41d68a513c71e35a14f66d71782d27a79a81ea6

Thanks, Eugene
-- main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }