Affected Systems:
Linux kernel 2.6.11.11-2.6.37
Description:
--------------------------------------------------------------------------------
Bugtraq id: 45323
Linux Kernel is the Kernel used by open source Linux.
Linux Kernel has Implementation Vulnerabilities. Attackers can exploit these vulnerabilities to bypass certain security restrictions and perform unauthorized operations.
This vulnerability occurs because "install_special_mapping ()" does not perform certain security checks. Before insert_vm_struct, install_special_mapping routine skips the security check and bypasses the mmap_min_addr security restriction by limiting the available webpage of the special ing.
<* Source: Tavis Ormandy
Link: http://permalink.gmane.org/gmane.comp.security.oss.general/3929
Linux/2010-12/30547. htm "> http://www.linuxidc.com/Linux/2010-12/30547.htm
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.kernel.org/