Security update patch to 2.6.3 for mremap()?

From: Nur Hussein
Date: Thu Feb 19 2004 - 09:48:08 EST


Greetings,
I was searching the source and changelogs of 2.6.3 to find the specific
patch that fixed the recent security hole discovered in mremap()

http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
I found Andrew Morton's changelog entry that touched mremap:

http://linux.bkbits.net:8080/linux-2.5/cset@xxxxxxxxxxx?nav=index.html|ChangeSet@-2d
I noticed however, that a fix to the same problem in 2.4.25 sent by
Andrea Arcangeli adds only one line to a different section of code:

http://linux.bkbits.net:8080/linux-2.4/diffs/mm/mremap.c@xxx?nav=cset@1.1136.94.4
Is this line missing from 2.6.3, or did Andrew Morton's fixes address
the problem already?

-= Nur Hussein =-


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/