*** This bug is a security vulnerability ***
Public security bug reported:
The setup_arg_pages function in fs/exec.c in the Linux kernel before
2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict
the stack memory consumption of the (1) arguments and (2) environment
for a 32-bit application on a 64-bit platform, which allows local users
to cause a denial of service (system crash) via a crafted exec system
call, a related issue to CVE-2010-2240.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Affects: linux-ti-omap4 (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/795461
Title:
CVE-2010-3858
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/795461/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
