CVE-2009-2584

Published: 23 July 2009

Off-by-one error in the options_write function in drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to overwrite arbitrary memory locations and gain privileges via a crafted count argument, which triggers a stack-based buffer overflow.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.32~rc7)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by d39b7dd1dcbf394a1cb897457c862dafe9a20ac5
linux-source-2.6.15
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.32~rc7)