Bug 64171 (CVE-2004-1333) - VUL-0: CVE-2004-1333: kernel: local dos in tty handler
Summary: VUL-0: CVE-2004-1333: kernel: local dos in tty handler
Status: RESOLVED FIXED
Alias: CVE-2004-1333
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: All Linux
: P3 - Medium : Major
Target Milestone: ---
Assignee: Marcus Meissner
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2004-1333: CVSS v2 Base Score: 2....
Keywords:
Depends on:
Blocks:
 
Reported: 2004-12-13 17:19 UTC by Marcus Meissner
Modified: 2021-10-27 08:43 UTC (History)
1 user (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
tty2vendor.c (869 bytes, text/plain)
2004-12-13 17:20 UTC, Marcus Meissner 		Details
vtresize-26.patch (776 bytes, patch)
2005-01-25 19:43 UTC, Marcus Meissner 		Details | Diff
vtresize-24.patch (707 bytes, patch)
2005-01-25 19:48 UTC, Marcus Meissner 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2004-12-13 17:19:41 UTC 
From: Georgi Guninski <guninski@guninski.com> 
To: vendor-sec@lst.de 
header: best read with a sniffer 
User-Agent: Mutt/1.5.5.1i 
Subject: [vendor-sec] long live cve and mitre 
Errors-To: vendor-sec-admin@lst.de 
Date: Fri, 10 Dec 2004 16:02:45 +0200 
 
attached is a proggie. 
 
it is a little hard debugging it when run from *console*. 
 
tested on i386 2.6.9. 
 
kernel developers are notified with description of the problem.
Comment 1 Marcus Meissner 2004-12-13 17:19:41 UTC 
<!-- SBZ_reproduce  -->
see attached exploit.
Comment 2 Marcus Meissner 2004-12-13 17:20:11 UTC 
Created attachment 26994 [details]
tty2vendor.c

exploit from georgi
Comment 3 Hubert Mantel 2005-01-13 23:45:33 UTC 
Is someone working on a fix?
Comment 4 Marcus Meissner 2005-01-21 22:01:49 UTC 
raise a bit in prio
Comment 5 Marcus Meissner 2005-01-25 19:41:16 UTC 
http://linux.bkbits.net:8080/linux-2.6/diffs/drivers/char/vt.c%401.85?nav=index.html|
src/.|src/drivers|src/drivers/char|hist/drivers/char/vt.c
Comment 6 Marcus Meissner 2005-01-25 19:43:03 UTC 
Created attachment 27902 [details]
vtresize-26.patch
Comment 7 Marcus Meissner 2005-01-25 19:48:01 UTC 
Created attachment 27903 [details]
vtresize-24.patch
Comment 8 Marcus Meissner 2005-01-25 19:48:18 UTC 
last 2 attachments are patches from mainline kernels.
Comment 9 Marcus Meissner 2005-01-26 23:19:55 UTC 
this is public
Comment 10 Hubert Mantel 2005-01-26 23:41:33 UTC 
Ok, I just committed the fixes to all trees except the SLES9 SP1 tree. Someone
needs to decide what to do with this one...
Comment 11 Marcus Meissner 2005-01-26 23:46:16 UTC 
is public, so move to suselinux category
Comment 12 Ralf Flaxa 2005-01-27 01:10:15 UTC 
I approve it to also go into the next maintenance/security update kernel.
Comment 13 Ralf Flaxa 2005-01-31 16:46:53 UTC 
Assigning back to security-team. 
Apparently forgot that when adding my last comment.
Comment 14 Marcus Meissner 2005-02-05 01:06:35 UTC 
released for 9.1/SP1 branch. 
 
other products still missing, will in their next update round.
Comment 15 Marcus Meissner 2005-03-14 14:01:56 UTC 
marcus tracked
Comment 16 Marcus Meissner 2005-03-17 15:50:20 UTC 
CAN-2004-1333
Comment 17 Marcus Meissner 2005-03-24 17:21:10 UTC 
updates and advisory released
Comment 18 Thomas Biege 2009-10-13 20:03:38 UTC 
CVE-2004-1333: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)