[原文]The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).
Red Hat Enterprise Linux Kernel usercopy.c rw_vm() Function Local Overflow DoS
Local Access Required
Denial of Service,
Loss of Integrity,
Loss of Availability
A local overflow exists in the kernel of Red Hat Enterprise Linux. The 'rw_vm()' function in 'usercopy.c' fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause the kernel to crash resulting in a loss of availability.
Currently, there are no known workarounds or upgrades to correct this issue. However, Red Hat has released a patch to address this vulnerability.