Bug 85834 (CVE-2005-1765)

Summary: VUL-0: CVE-2005-1765: kernel: Compat mode program can hang kernel
Product: [Novell Products] SUSE Security Incidents
Reporter: ZouNanHai <nanhai.zou>
Component: Incidents
Assignee: Security Team bot <security-team>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Critical
Priority: P5 - None
CC: linux-patch, security-team, suresh.b.siddha, yanmin.zhang
Version: unspecified   
Target Milestone: ---   
Hardware: x86-64   
OS: All   
Whiteboard: CVE-2005-1765: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Attachments: a patch to fix it

Description ZouNanHai 2005-05-25 02:22:50 UTC
The following program can hang a kernel when compiled to a 32-bit binary.

#include <unistd.h>
int main()
{
	void *p = (void *)0xFFFFE000UL;
	read(0, p, 4096);
}

I will post a patch to fix it
Comment 1 ZouNanHai 2005-05-25 02:26:05 UTC
Created attachment 38078
a patch to fix it
Comment 2 Olaf Kirch 2005-05-30 11:04:37 UTC
Andi, is this patch correct? 
 
What about disclosure of this problem - can we include it in SP2? 
Comment 3 Andreas Kleen 2005-05-31 14:16:45 UTC
Patch is correct yes.
I don't think we need a disclosure time for this because it is only a DOS.
Hubert, please apply to all 2.6 trees. 
Comment 4 Andreas Kleen 2005-05-31 14:24:43 UTC
Small addon: it is not needed anymore on HEAD and 9.3 - a different change
there incidentally fixed that one too. That means it is only needed
on maintained 2.6 x86-64 trees.
Comment 5 Marcus Meissner 2005-06-01 08:22:47 UTC
so missing on branches: 9.2, SLES9 SP1, SLES9 SP2. 
Comment 6 Hubert Mantel 2005-06-02 12:15:04 UTC
Ok, done. Kernels have been submitted for check in.
Comment 7 Ludwig Nussel 2005-06-02 14:16:02 UTC
on my 9.3 x86_64 with the now cancelled kernel update it hangs just as it does 
on 9.2 so I'd say this has to go into 9.3 as well. 
Comment 8 Ludwig Nussel 2005-06-02 14:51:53 UTC
patch put into 9.3, let's hope it works. 
Comment 9 Olaf Kirch 2005-06-07 10:05:40 UTC
Is this fixed for SP2? 
Comment 10 Ludwig Nussel 2005-06-07 10:08:06 UTC
Thu Jun  2 14:06:10 CEST 2005 - mantel@suse.de 
 
- patches.fixes/syscall-page-fix: x86_64: Compat mode program 
  can hang kernel (85834). 
Comment 11 Andreas Kleen 2005-06-08 13:47:28 UTC
Yes it is.
Comment 12 Ludwig Nussel 2005-06-08 16:02:15 UTC
CAN-2005-1765 
Comment 13 Ludwig Nussel 2005-06-09 12:48:20 UTC
updates released 
Comment 14 Thomas Biege 2009-10-13 21:24:47 UTC
CVE-2005-1765: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)