pending stable kernel security updates
Kees Cook
kees at ubuntu.com
Tue Jun 24 17:26:59 UTC 2008
Hi Tim,
On Tue, Jun 24, 2008 at 10:21:01AM -0600, Tim Gardner wrote:
> The Debian patch looks correct. Its my guess that 'RESTORE_ALL 8'
> immediately prior to 'iretq' does not restore segment registers. Due to
> assembler magic the jump to the iret_label symbol will load CS with the
> destination segment, in essence restoring CS to the trap segment which
> is necessary for a successful 'iretq'.
Okay, great. I've pushed the patch into the ubuntu-security trees.
Thanks again for digging this up!
-Kees
--
Kees Cook
Ubuntu Security Team
More information about the kernel-team
mailing list