On Thu, Mar 17, 2005 at 10:42:28PM -0600, Micah Anderson wrote: > Package: kernel-source-2.6.8 > Version: 2.6.8-14 > Severity: normal > Tags: security patch > > CAN-2004-1191 reads: > > Race condition ... when run on SMP systems that have more than 4GB of > memory, could allow local users to read unauthorized memory from > "foreign memory pages." Apparantly it also allows remote attackers to > obtain sensitive information, caused by a vulnerability in the > smb_recv_trans2 function, could also send a specially-crafted TRANS2 > SMB packet to cause a kernel memory leak.
FYI, this problem (or one that looks a lot like it) is also present in 2.4.27 and I plan to include the following fixes in kernel-source-2.4.27-9 http://linux.bkbits.net:8080/linux-2.4/[EMAIL PROTECTED] http://linux.bkbits.net:8080/linux-2.4/[EMAIL PROTECTED] -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]