Kernel Security

Michael LERCH Michael.Lerch at ch.dhl.com
Thu Mar 28 03:06:54 PST 2002


Hi,

I think this may interest some people :

There is a vulnerability in the kernel, version: up to 2.2.20 and
2.4.18

Issue:
    In case of excessively long path names d_path kernel internal
function
    returns truncated trailing components of a path name instead of
an error
    value. As this function is called by getcwd(2) system call and
    do_proc_readlink() function, false information may be returned to

    user-space processes.

For more information :
http://online.securityfocus.com/archive/1/264117

I had a quick glance, at http://www.kernel.org no patch seems to be
available.

Bye
Michael


-------------- next part --------------
A non-text attachment was scrubbed...
Name: Michael.Lerch.vcf
Type: text/x-vcard
Size: 400 bytes
Desc: Card for Michael LERCH
URL: <http://lists.linuxfromscratch.org/pipermail/lfs-security/attachments/20020328/2b68a34b/attachment.vcf>


More information about the lfs-security mailing list