New subject: [suse-security] SuSE 7.3 : Kernel 2.4.10-4GB Bug (fwd)

22 Nov 2001

      Forward from Bugtraq

Is the updated Kernel 2.4.10-20011026 secure against this bug?

(Sorry, can't test it for myself at the moment, as my 7.3-box is in
production use and I need to avoid unnecessary downtimes)

---------- Forwarded message ----------
From: Juergen Pabel 
To: bugtraq@securityfocus.com
Date: Wed, 21 Nov 2001 10:52:17 +0100
Subject: SuSE 7.3 : Kernel 2.4.10-4GB Bug

Summary:
  Any local user can crash a SuSE 7.3 Kernel 2.4.10-4GB (I imagine this is a
buffer overflow or pointer verification problem while in kernel mode)

Details:
  I updated my SuSE 7.2 installation to 7.3 and now I can reproducably crash
the system as any local user (ie: non-root). Out of curiousity i started the
file /usr/src/linux/vmlinux (basically: the file "vmlinux" in the base kernel
source directory) which is the "pure" (for lack of a better word) kernel
after a successful kernel compilation. Since this file is essentially an ELF
executable it's possible to start it (whether or not it actually "runs" is a
different story). On a correctly running kernel it should (and does) exit
with SIGSEGV, while on a 2.4.10-4GB kernel it crashes the whole system (hard
reset, instantly...kaputt).
  I have not tested this any further except to verify that this is actually a
problem with the kernel and not some other kernel module i use (vmware,
pcmcia, ...) or even hardware (tested with same result on a different machine)

I have also not notified the vendor yet because I haven't verified if the
cause is a SuSE patch or if the problem resides within the original kernel
code (I haven't even started looking for the source of the problem).

If you want to contact me do so via email "jpabel at akkaya dot de"

Juergen Pabel
Akkaya Consulting GmbH
www.akkaya.de

SuSE 7.3 : Kernel 2.4.10-4GB Bug (fwd)

Sven Koch

Roman Drahtmueller

Rogier Boon

Thomas Michael Wanka

Rogier Boon

Ben Rosenberg

Jon

tags

participants (6)