(sles8 not affected, we did not support em64t there)

right?

The problem actually can happen in a different way on AMD systems too.

Created attachment 72752 [details]
2.6 fix

Created attachment 72753 [details]
2.4 patch

Created attachment 72754 [details]
Correct 2.6 fix

Sorry don't have time to check it into all supported trees before I leave
for vacation. We need 2.6 and 2.4 patches for the next security update.

The 2.6 patch has some trouble so it can't be applied right now without
further debugging.

Assigning to Andi for further tracking.

I have patches for 2.6 that should be ok now, but some more testing needed.

Created attachment 75839 [details]
2.6 patch 1

Created attachment 75840 [details]
2.6 patch #2. Both are needed

Patch checked in in all maintained trees. I also added the related elf
entry check to sles8 where it was still missing.

Andi, should these be in mainline and in the -stable tree?

Oh never mind, you've already send them to -stable, sorry about that.

CVE-2006-0744

Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.

Already checked them into HEAD, will be in the next 10.1 beta.

Someone should check these into all other branches too.

They're in all branches

thanks!

since it is in all branches, and just need to be pushed out, we can mark it fixed.

Have to fix the fix - the original fix broke UML.

Fixed for SLES10. 

Fixes checked in everywhere

released the updates.

of course we releaed only sles9 ... sorry, reopen

released 9.2 - 10.0 too now.

CVE-2006-0744: CVSS v2 Base Score: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C)