cvs commit: src/sys/amd64/linux32 linux32_sysvec.c src/sys/sys
exec.h
David Schultz
das at FreeBSD.org
Wed Mar 23 00:28:00 PST 2005
das 2005-03-23 08:27:59 UTC
FreeBSD src repository
Modified files:
sys/amd64/linux32 linux32_sysvec.c
sys/sys exec.h
Log:
Make ps_nargvstr and ps_nenvstr unsigned. This fixes an input
validation error in procfs/linprocfs that can be exploited by local
users to cause a kernel panic. All versions of FreeBSD with the patch
referenced in SA-04:17.procfs have this bug, but versions without that
patch have a more serious bug instead. This problem only affects
systems on which procfs or linprocfs is mounted.
Found by: Coverity Prevent analysis tool
Security: Local DOS
Revision Changes Path
1.7 +2 -2 src/sys/amd64/linux32/linux32_sysvec.c
1.32 +2 -2 src/sys/sys/exec.h
More information about the cvs-src
mailing list