kernel
Page content
- Author: vmiklos
- Vulnerable: 2.6.22-7sayshell5
- Unaffected: 2.6.22-7sayshell6
A vulnerability have been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information or gain escalated privileges. The vulnerability is caused due to certain drivers with registered page fault handlers not correctly preventing size expansions of mapped memory regions beyond the originally allocated size. This can be exploited to gain access to other memory areas via e.g. the “mremap()” system call. Successful exploitation may allow local attackers to disclose and manipulate kernel memory, which potentially can be leveraged to gain escalated privileges.
- Bug Tracker URL: http://bugs.frugalware.org/task/2834