CVE-2005-0001 - Dockside Twist

Description

Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7 2.4 to 2.4.29 and 2.6 to 2.6.10 when running on multiprocessor machines allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030826.html http://isec.pl/vulnerabilities/isec-0022-pagefault.txt http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 https://bugzilla.fedora.us/show_bug.cgi?id=2336 http://www.redhat.com/support/errata/RHSA-2005-043.html http://www.redhat.com/support/errata/RHSA-2005-092.html http://www.trustix.org/errata/2005/0001/ http://securitytracker.com/id?1012862 http://secunia.com/advisories/13822 http://www.redhat.com/support/errata/RHSA-2005-016.html http://www.debian.org/security/2006/dsa-1070 http://www.debian.org/security/2006/dsa-1067 http://www.debian.org/security/2006/dsa-1069 http://www.redhat.com/support/errata/RHSA-2005-017.html http://www.securityfocus.com/bid/12244 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://www.debian.org/security/2006/dsa-1082 http://secunia.com/advisories/20338 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://marc.info/?l=bugtraq&m=110554694522719&w=2 http://marc.info/?l=bugtraq&m=110581146702951&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18849 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10322