Bug 90500 (CVE-2005-1767)

Summary: VUL-0: CVE-2005-1767: kernel: 2.4 only local stack overflow segment dos on x86-64
Product: [Novell Products] SUSE Security Incidents Reporter: Andreas Kleen <ak>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: x86-64   
OS: All   
Whiteboard: CVE-2005-1767: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: Don't use exception stack for stack segment

Comment 1 Andreas Kleen 2005-06-12 13:45:57 UTC 
Created attachment 39008 [details]
Don't use exception stack for stack segment

Untested patch for 2.4.31.
Comment 2 Ludwig Nussel 2005-06-13 07:05:05 UTC 
*** Bug 88492 has been marked as a duplicate of this bug. ***
Comment 3 Hubert Mantel 2005-06-13 10:09:31 UTC 
Is this public, so I can add it to all 2.4 based trees? I would like to avoid
security bugs piling up again :/
Comment 4 Andreas Kleen 2005-06-13 10:33:10 UTC 
No, it's not public. I don't know when RH will, however since it is only
a local dos i hope they won't take too long.
Comment 5 Marcus Meissner 2005-06-29 15:51:03 UTC 
ping andi? 
 
is it public now?
Comment 6 Andreas Kleen 2005-06-29 16:39:54 UTC 
Ah no. I actually forgot about that one. I will do a patch for Marcelo now.
Comment 7 Marcus Meissner 2005-06-30 09:14:44 UTC 
hubert, please also add to SLES 8 kernel.
Comment 8 Hubert Mantel 2005-07-19 09:19:42 UTC 
Fix has been committed to all 2.4 based trees.
Comment 9 Ludwig Nussel 2005-08-03 15:15:51 UTC 
Is this fully public now? The mitre site doesn't list the can number yet and 
are about to release the kernels.
Comment 10 Ludwig Nussel 2005-08-04 07:11:49 UTC 
updates released
Comment 12 Thomas Biege 2009-10-13 21:27:59 UTC 
CVE-2005-1767: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)