CVE-2006-6304 affect kernel on RHEL5?
Issue
- According to the CVE info, these are kernel 2.6.19 issue, so it looks that these does not affect RHEL5. However, the relevant code looks to be included in RHEL5.
- This issue's patch info is written at http://www.mail-archive.com/linux-kernel@vger.kernel.org/msg102611.html
*******************************************************
--- linux-2.6.19.orig/fs/exec.c
+++ linux-2.6.19/fs/exec.c
@@ -1515,7 +1515,8 @@ int do_coredump(long signr, int exit_cod
ispipe = 1;
} else
file = filp_open(corename,
- O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE, 0600);
+ O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag,
+ 0600);
if (IS_ERR(file))
goto fail_unlock;
inode = file->f_dentry->d_inode
*******************************************************
You can see "flag" option is added in filp_open().
I compared kernel-2.6.19.1 to kernel-2.6.18-128(RHEL5), but kernel-2.6.18 is
not patched.
/linux-2.6.19.1/fs/exec.c
***************
int do_coredump(long signr, int exit_code, struct pt_regs * regs)
:
:
} else
file = filp_open(corename,
! O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag,
! 0600);
***************
/linux-2.6.18-128/fs/exec.c
---------------
int do_coredump(long signr, int exit_code, struct pt_regs * regs)
:
:
}
} else
file = filp_open(corename,
! O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE, 0600);
!
---------------
Environment
- Red Hat Enterprise Linux 5.3 x86_64/x86 with kernel-2.6.18-128.el5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
