[kernel-sec-discuss] r509 - patch-tracking
Martin Pitt
mpitt at costa.debian.org
Fri Jul 21 12:09:46 UTC 2006
Author: mpitt
Date: 2006-07-21 12:09:45 +0000 (Fri, 21 Jul 2006)
New Revision: 509
Modified:
patch-tracking/CVE-2006-2935
Log:
flesh out CVE-2006-2935
Modified: patch-tracking/CVE-2006-2935
===================================================================
--- patch-tracking/CVE-2006-2935 2006-07-21 12:04:15 UTC (rev 508)
+++ patch-tracking/CVE-2006-2935 2006-07-21 12:09:45 UTC (rev 509)
@@ -1,10 +1,21 @@
-Candidate:
+Candidate: CVE-2006-2935
References:
-Description:
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=454d6fbc48374be8f53b9bafaa86530cf8eb3bc1
+Description: cdrom: fix bad cgc.buflen assignment
+Ubuntu-Description:
+ A buffer overflow has been discovered in the dvd_read_bca() function.
+ By inserting a specially crafted DVD, USB stick, or similar
+ automatically mounted removable device, a local user could crash the
+ machine or potentially even execute arbitrary code with full root
+ privileges.
Notes:
Bugs:
upstream:
linux-2.6.16:
linux-2.6:
2.6.8-sarge-security:
-2.4.27-sarge-security:
\ No newline at end of file
+2.4.27-sarge-security:
+2.6.10-hoary-security: needed
+2.6.12-breezy-security: needed
+2.6.15-dapper-security: pending
+2.6.17-edgy: pending
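Review bot: the `upstream:`, `linux-2.6.16:`, `linux-2.6:`, `2.6.8-sarge-security:` and `2.4.27-sarge-security:` fields at the end of the record are still empty after this revision, even though the References line now carries the upstream commit (h=454d6fbc48374be8f53b9bafaa86530cf8eb3bc1) and all four Ubuntu branches get a status. I would fill in at least `upstream:` from that commit and mark the Debian branches explicitly (for example "needed"), so a reader can tell "not yet triaged" apart from "not affected". Separately, the Ubuntu-Description lists a "USB stick" as a trigger, while the Description line and the named function, dvd_read_bca(), both refer to the cdrom code. A short entry under `Notes:` saying which device types actually reach that function would back up the wording.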