EGI CSIRT:Alerts/kernel-2010-09-16


Title: CRITICAL Kernel Vulnerability: 64-bit Compatibility Mode Stack Pointer Corruption
Date: September 16, 2010


A vulnerability in the 32-bit compatibility layer for 64-bit systems has
been reported. It is caused by insecure allocation of user space memory
when translating system call inputs to 64-bit. A stack pointer corruption
can occur when using the "compat_alloc_user_space" function with an
arbitrary length input. This vulnerability has been labeled

A local root exploit for this issue is publicly available, and has
been verified to work on at least RHEL/CentOS/SLC 5 systems. It is
likely that the vulnerability is present also on other distributions,
even if this particular exploit doesn't work on them.
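
The allocation problem described above can be modelled in user space. The
following is an added example, not kernel code and not part of the original
alert: it shows why carving scratch space below the user stack pointer with
an unchecked length is unsafe, next to a form that range-checks the result.
The function names, the user-space limit and the sample values are
constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed upper bound of user-space addresses for this model (constructed). */
#define MODEL_USER_LIMIT 0x00007ffffffff000ULL

/* Unchecked form: scratch space is taken from below the user stack pointer.
 * Nothing ties len to the space that is actually available. */
static uint64_t model_alloc_unchecked(uint64_t user_sp, uint64_t len)
{
    return user_sp - len;               /* wraps around when len > user_sp */
}

/* Returns 1 when [ptr, ptr + len) lies entirely inside user space. */
static int model_range_is_user(uint64_t ptr, uint64_t len)
{
    if (len > MODEL_USER_LIMIT)
        return 0;
    return ptr <= MODEL_USER_LIMIT - len;
}

/* Checked form: same arithmetic, but the result is rejected (0) unless the
 * whole range is a valid user-space range. */
static uint64_t model_alloc_checked(uint64_t user_sp, uint64_t len)
{
    uint64_t ptr = user_sp - len;
    return model_range_is_user(ptr, len) ? ptr : 0;
}

int main(void)
{
    const uint64_t sp = 0x00000000ffffd000ULL;   /* constructed stack pointer */
    /* Constructed lengths: sane, larger than sp, and a sign-extended negative. */
    const uint64_t lens[] = { 64, 0x100000000ULL, (uint64_t)-4096 };

    for (size_t i = 0; i < sizeof(lens) / sizeof(lens[0]); i++)
        printf("len=%#llx unchecked=%#llx checked=%#llx\n",
               (unsigned long long)lens[i],
               (unsigned long long)model_alloc_unchecked(sp, lens[i]),
               (unsigned long long)model_alloc_checked(sp, lens[i]));
    return 0;
}
```

With the unchecked form, the second length yields an address outside user
space and the third yields an address above the current stack pointer; the
checked form rejects both.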


EGI CSIRT has classified this as a critical vulnerability, and all sites
should update their 64-bit machines in the EGI infrastructure as soon as
vendor kernel updates are published and available.

A kernel update for SLC5 x86_64 is expected within a few hours.

EGI CSIRT will not issue any recommendation whether to drain queues and
disable logins pending a kernel update; we defer to local site policy in
this matter.

WLCG management is aware of the issue and will accept essential and related
unscheduled downtime incurred while handling CVE-2010-3081.


This problem was reported on 2010-09-16 by Ben Hawkes:

Red Hat has acknowledged the problem:

A working local root exploit has been published on the Full Disclosure
mailing list: