Date: Wed, 23 Mar 2005 08:27:59 +0000 (UTC) From: David Schultz <das@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/amd64/linux32 linux32_sysvec.c src/sys/sys exec.h Message-ID: <200503230827.j2N8Rxcp021896@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
das 2005-03-23 08:27:59 UTC FreeBSD src repository Modified files: sys/amd64/linux32 linux32_sysvec.c sys/sys exec.h Log: Make ps_nargvstr and ps_nenvstr unsigned. This fixes an input validation error in procfs/linprocfs that can be exploited by local users to cause a kernel panic. All versions of FreeBSD with the patch referenced in SA-04:17.procfs have this bug, but versions without that patch have a more serious bug instead. This problem only affects systems on which procfs or linprocfs is mounted. Found by: Coverity Prevent analysis tool Security: Local DOS Revision Changes Path 1.7 +2 -2 src/sys/amd64/linux32/linux32_sysvec.c 1.32 +2 -2 src/sys/sys/exec.h
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503230827.j2N8Rxcp021896>