Linux 2.6 kernel: stack overflow vulnerability

Users of Linux 2.6 kernel please be advised of a stack overflow vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

MDVSA-2010:214: [MDVSA-2010:214] kernel stack overflow
Problem Description:

A vulnerability was discovered and corrected in the Linux 2.6 kernel:

A vulnerability in Linux kernel caused by insecure allocation of user
space memory when translating system call inputs to 64-bit. A stack
pointer underflow can occur when using the compat_alloc_user_space
method with an arbitrary length input. (CVE-2010-3081)Read more at http://www.criticalwatch.com

 

Advertisements