Bug 105108 (CVE-2005-2617) - VUL-0: CVE-2005-2617: kernel: memory leak in x86_64/insert_vm_struct
Summary: VUL-0: CVE-2005-2617: kernel: memory leak in x86_64/insert_vm_struct
Status: RESOLVED INVALID
Alias: CVE-2005-2617
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other All
: P5 - None : Normal
Target Milestone: ---
Assignee: Andreas Kleen
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2005-2617: CVSS v2 Base Score: 3....
Keywords:
Depends on:
Blocks:
 
Reported: 2005-08-17 07:44 UTC by Sebastian Krahmer
Modified: 2021-11-20 16:26 UTC (History)
1 user (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
x86_64-insertvmstruct-leak.patch (1.49 KB, patch)
2005-08-17 07:49 UTC, Marcus Meissner 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastian Krahmer 2005-08-17 07:44:11 UTC 
Date: Wed, 17 Aug 2005 08:59:55 +0200
From: Martin Pitt <martin.pitt@ubuntu.com>
To: Vendor Security <vendor-sec@lst.de>
Subject: [vendor-sec] Fwd: Re: CAN Request for kernel memory leak
Parts/Attachments:
   1 Shown    ~44 lines  Text
   2          196 bytes  Application, "Digital signature"
----------------------------------------

Hi everybody!

This was recently posted here, and I requested a CAN number for it.

FYI

Martin

----- Forwarded message from "Steven M. Christey" <coley@linus.mitre.org> -----

Date: Wed, 17 Aug 2005 02:06:30 -0400 (EDT)
From: "Steven M. Christey" <coley@linus.mitre.org>
To: Martin Pitt <martin.pitt@ubuntu.com>
Cc: cve@mitre.org
Subject: Re: CAN Request for kernel memory leak
X-Spam-Status: No, score=1.1 required=4.0 tests=AWL,BAYES_60 autolearn=no 
       version=3.0.3


======================================================
Candidate: CAN-2005-2617
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2617
Reference:
CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=c
ommit;h=9fb1759a3102c26cd8f64254a7c3e532782c2bb8
Reference:
CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=c
ommitdiff;h=9fb1759a3102c26cd8f64254a7c3e532782c2bb8

The syscall32_setup_pages function in syscall32.c for Linux kernel
2.6.x, on the 64-bit x86 platform, does not check the return value of
the insert_vm_struct function, which allows local users to trigger a
memory leak via a 32-bit application with crafted ELF headers.
Comment 1 Sebastian Krahmer 2005-08-17 07:44:46 UTC 
Not quite sure whether this one was already fixed in our kernels.
Comment 2 Marcus Meissner 2005-08-17 07:49:34 UTC 
Created attachment 46234 [details]
x86_64-insertvmstruct-leak.patch

git extract
Comment 3 Marcus Meissner 2005-08-17 07:50:04 UTC 
Andi, can you please check and comment if we need this for SLES or other 2.6 
kernels?
Comment 4 Marcus Meissner 2005-08-17 09:36:20 UTC 
From: Mark J Cox <mjc@redhat.com> 
 
I've not seen this here previously, but this seems to only affect 2.6.12 
and onwards (affected function not created until then)
Comment 5 Marcus Meissner 2005-08-17 15:35:30 UTC 
the code is neither in SLES 9 nor in 9.3... so i think the above comment 
applies.
Comment 6 Thomas Biege 2009-10-13 20:39:42 UTC 
CVE-2005-2617: CVSS v2 Base Score: 3.6 (AV:L/AC:L/Au:N/C:N/I:P/A:P)