Web Hosting Talk

View Full Version : Linux Kernel i2c Integer Overflow Vulnerability


Steven
06-17-2004, 03:39 AM
http://www.securityfocus.com/archive/1/366198/2004-06-14/2004-06-20/0


Introduction
#############

The Linux Kernel is the core of the Linux Operating
System, and provides the usual features of a modern
multi-user kernel. Drivers to support many different
devices are available packaged with the Linux Kernel,
including the 'i2c' driver, which provides support for
the 2-wire I2C bus.

In the i2c driver, there is an integer overflow
vulnerability during the allocation of memory,
potentially opening any systems using the i2c driver
up to a security hole.

Default RH kernel:

#
# I2C support
#
CONFIG_I2C=m
CONFIG_I2C_ALGOBIT=m
CONFIG_I2C_PHILIPSPAR=m
CONFIG_I2C_ELV=m
CONFIG_I2C_VELLEMAN=m
CONFIG_I2C_ALGOPCF=m
CONFIG_I2C_ELEKTOR=m
CONFIG_I2C_MAINBOARD=y
CONFIG_I2C_AMD756=m
CONFIG_I2C_I801=m
CONFIG_I2C_PIIX4=m
CONFIG_I2C_VIA=m
CONFIG_I2C_VIAPRO=m
CONFIG_I2C_VOODOO3=m
CONFIG_I2C_ALI1535=m
# CONFIG_I2C_TSUNAMI is not set
CONFIG_I2C_SIS5595=m
CONFIG_I2C_ISA=m
CONFIG_I2C_CHARDEV=m
CONFIG_I2C_PROC=m
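
Added example, not part of the original post or the advisory: a shell check that reads a kernel config like the listing above and reports how each I2C option is built, so an administrator can tell whether the i2c driver is compiled in, modular, or absent. The function names, the embedded sample (a constructed excerpt of the listing above) and the /boot/config-$(uname -r) location are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample input: an excerpt of the config listing in the post above.
sample_config() {
cat <<'EOF'
#
# I2C support
#
CONFIG_I2C=m
CONFIG_I2C_MAINBOARD=y
CONFIG_I2C_PIIX4=m
# CONFIG_I2C_TSUNAMI is not set
CONFIG_I2C_CHARDEV=m
CONFIG_I2C_PROC=m
EOF
}

# classify_i2c: read a kernel config on stdin and print "<state> <option>"
# for every I2C option. state is builtin (=y), module (=m) or unset.
classify_i2c() {
    awk '
        /^CONFIG_I2C[A-Z0-9_]*=y$/ { sub(/=y$/, ""); print "builtin " $0; next }
        /^CONFIG_I2C[A-Z0-9_]*=m$/ { sub(/=m$/, ""); print "module " $0; next }
        /^# CONFIG_I2C[A-Z0-9_]* is not set$/ { print "unset " $2 }
    '
}

# i2c_core_state: read a kernel config on stdin and print how the core
# driver (CONFIG_I2C) is built: builtin, module, unset, or absent when the
# option does not appear in the config at all.
i2c_core_state() {
    classify_i2c | awk '
        $2 == "CONFIG_I2C" { s = $1 }
        END { if (s == "") s = "absent"; print s }
    '
}

# Main: use the config file given as $1, else the running kernel's config
# (assumed location), else fall back to the constructed sample.
cfg=${1:-/boot/config-$(uname -r)}
if [ -r "$cfg" ]; then
    classify_i2c < "$cfg"
    echo "core: $(i2c_core_state < "$cfg")"
else
    sample_config | classify_i2c
    echo "core: $(sample_config | i2c_core_state)"
fi
```

A `module` result means the driver is on disk but only in the running kernel if it also shows up in `lsmod`; a `builtin` result cannot be unloaded and needs a patched kernel.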