[kernel-sec-discuss] r667 - active retired

Dann Frazier dannf at alioth.debian.org
Mon Dec 18 00:44:19 CET 2006 

Author: dannf
Date: 2006-12-18 00:44:19 +0100 (Mon, 18 Dec 2006)
New Revision: 667

Added:
   retired/CVE-2006-5751
Removed:
   active/CVE-2006-5751
Log:
retire CVE-2006-5751

Deleted: active/CVE-2006-5751
===================================================================
--- active/CVE-2006-5751	2006-12-17 23:43:35 UTC (rev 666)
+++ active/CVE-2006-5751	2006-12-17 23:44:19 UTC (rev 667)
@@ -1,34 +0,0 @@
-Candidate: CVE-2006-5751
-References: 
- MISC:http://projects.info-pull.com/mokb/MOKB-29-11-2006.html
- MISC:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=4c61a7e0a86e1ae9e16867f9f8e4b0412b8edbaf;hp=4e4119a1213925568b8a1acdef9bf52b98b19da3;hb=ba8379b220509e9448c00a77cf6c15ac2a559cc7;f=net/bridge/br_ioctl.c
- CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ba8379b220509e9448c00a77cf6c15ac2a559cc7
- CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18.4
- BID:21353
- URL:http://www.securityfocus.com/bid/21353
- FRSIRT:ADV-2006-4781
- URL:http://www.frsirt.com/english/advisories/2006/4781
- SECUNIA:23073
- XF:linux-getfdbentries-integer-overflow(30588)
- URL:http://xforce.iss.net/xforce/xfdb/30588 
-Description: 
- Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in
- the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code
- via a large maxnum value in an ioctl request.
-Ubuntu-Description: 
- An integer overflow was found in the get_fdb_entries() function of
- the network bridging code. By executing a specially crafted ioctl, a
- local attacker could exploit this to execute arbitrary code with root
- privileges.
-Notes: 
- dannf> Marking 2.4 as N/A - the code is much different now, and nothing
- dannf> seemed to be checking PAGE_SIZE at all in 2.4
-Bugs: 
-upstream: released (2.6.18.4, 2.6.19)
-linux-2.6: released (2.6.18-8) [bugfix/2.6.18.4]
-2.6.18-etch: released (2.6.18-8) [bugfix/2.6.18.4]
-2.6.8-sarge-security: released (2.6.8-16sarge6) [bridge-get_fdb_entries-overflow.dpatch]
-2.4.27-sarge-security: N/A
-2.6.12-breezy-security: released (2.6.12-10.41)
-2.6.15-dapper-security: released (2.6.15-27.49)
-2.6.17-edgy-security: released (2.6.17.1-10.34)

Copied: retired/CVE-2006-5751 (from rev 666, active/CVE-2006-5751)

More information about the kernel-sec-discuss mailing list