Re: 2.2.0 SECURITY

Paul (PELaufer@csupomona.edu)
Wed, 27 Jan 1999 01:20:17 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Bill Melotti: "Re: RAMDISK Bug - 2.0.36 kernel (again)"
Previous message: Tim Waugh: "HP LaserJet 3"

>There is a bug that works only on the 2.2.0 kernel that will allow root
>and non-root users to crash the machine (the system reboots).
>
>To replicate this bug do following:
>
>Take any core file, and as normal user or root run: ldd core
>
>The machine will reboot, saying that it cannot get execution permissions
>for ./core
>
>As far as I can tell, this problem only affects x86 machines running
>2.2.0. I know that PPC is not affected.
>
>Note: This problem does not occur in kernels before 2.2.0, and is
>apparently fixed in 2.2.0ac1.
>
>Thanks to Gennady Gurov (gurov@frii.com) for discovering this problem.

Occured here: Ppro 200, 48mb RAM, Matrox fb, Soundblaster 16, smbfs,
IP-masq, using egcs 1.1, ide-scsi, rest is pretty vanilla

Both on 2.2.0 AND 2.2.0-final

ldd is from Glibc-2.0.108 (also compiled with egcs 1.1)

core was from program:
main() { * (int *) 0 = 0; }

core perms were 600

Note, my machine hung hard, with no reboot.
Error message given:
free_one_pmd: bad directory entry 000001e3

Paul Laufer

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bill Melotti: "Re: RAMDISK Bug - 2.0.36 kernel (again)"
Previous message: Tim Waugh: "HP LaserJet 3"