Re: mremap() bug IMHO not in 2.2

From: Valdis . Kletnieks
Date: Mon Jan 05 2004 - 19:12:01 EST


On Mon, 05 Jan 2004 15:36:41 PST, Linus Torvalds said:

> So yes, it creates some confusion in the VM layer, but it all seems
> benign. It's clearly a bug, but where does the security problem come in?

Just guessing, but would a zero-length vma be rounded up to a page, and
thus give the attacker scribble permission on a page he shouldn't have had?
