[kernel-sec-discuss] r616 - active

Martin Pitt mpitt at costa.debian.org
Thu Oct 26 11:43:45 UTC 2006 

Author: mpitt
Date: 2006-10-26 11:43:45 +0000 (Thu, 26 Oct 2006)
New Revision: 616

Added:
   active/CVE-2005-4811
Removed:
   active/CVE-2006-4811
Log:
fix CVE name typo: CVE-2006-4811 -> CVE-2005-4811

Copied: active/CVE-2005-4811 (from rev 615, active/CVE-2006-4811)
===================================================================
--- active/CVE-2005-4811	                        (rev 0)
+++ active/CVE-2005-4811	2006-10-26 11:43:45 UTC (rev 616)
@@ -0,0 +1,21 @@
+Candidate: CVE-2005-4811
+References: 
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c7546f8f03f5a4fa612605b6be930234d6026860
+Description: hugetlb dos
+Ubuntu-Description:
+ David Gibson discovered a Denial of Service vulnerability in the
+ unmap_hugepage_area() function. By calling mmap() in a special way, a
+ local user could exploit this to crash the kernel.
+Notes:
+ - Pretty old fix, applied upstream in 2.6.11 or 2.6.12.
+ - 2.6.10 and older have function in arch-specific
+   arch/*/mm/hugetlbpage.c, thus requires some manual porting work
+Bugs: 
+upstream: 
+linux-2.6:
+2.6.8-sarge-security: needed
+2.4.27-sarge-security: needed
+2.6.10-hoary-security: needed
+2.6.12-breezy-security: released
+2.6.15-dapper-security: released
+2.6.17-edgy: released

Deleted: active/CVE-2006-4811
===================================================================
--- active/CVE-2006-4811	2006-10-24 11:20:57 UTC (rev 615)
+++ active/CVE-2006-4811	2006-10-26 11:43:45 UTC (rev 616)
@@ -1,21 +0,0 @@
-Candidate: CVE-2006-4811
-References: 
- http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c7546f8f03f5a4fa612605b6be930234d6026860
-Description: hugetlb dos
-Ubuntu-Description:
- David Gibson discovered a Denial of Service vulnerability in the
- unmap_hugepage_area() function. By calling mmap() in a special way, a
- local user could exploit this to crash the kernel.
-Notes:
- - Pretty old fix, applied upstream in 2.6.11 or 2.6.12.
- - 2.6.10 and older have function in arch-specific
-   arch/*/mm/hugetlbpage.c, thus requires some manual porting work
-Bugs: 
-upstream: 
-linux-2.6:
-2.6.8-sarge-security: needed
-2.4.27-sarge-security: needed
-2.6.10-hoary-security: needed
-2.6.12-breezy-security: released
-2.6.15-dapper-security: released
-2.6.17-edgy: released

More information about the kernel-sec-discuss mailing list