[kernel-sec-discuss] r916 - active retired

jmm at alioth.debian.org jmm at alioth.debian.org
Fri Aug 17 17:00:45 UTC 2007 

Author: jmm
Date: 2007-08-17 17:00:45 +0000 (Fri, 17 Aug 2007)
New Revision: 916

Added:
   retired/CVE-2007-0005
   retired/CVE-2007-1861
Removed:
   active/CVE-2007-0005
   active/CVE-2007-1861
Modified:
   active/CVE-2007-3105
Log:
retire two issues


Deleted: active/CVE-2007-0005
===================================================================
--- active/CVE-2007-0005	2007-08-17 13:04:38 UTC (rev 915)
+++ active/CVE-2007-0005	2007-08-17 17:00:45 UTC (rev 916)
@@ -1,20 +0,0 @@
-Candidate: CVE-2007-0005
-References: 
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=059819a41d4331316dd8ddcf977a24ab338f4300
-Description: 
- Buffer Overflow in Omnikey CardMan 4040 cmx driver
-Ubuntu-Description: 
- The Omnikey CardMan 4040 driver (cm4040_cs) did not limit the size of
- buffers passed to read() and write(). A local attacker could exploit
- this to execute arbitrary code with kernel privileges.
-Notes: 
- dannf> Driver wasn't in sarge
-Bugs: 
-upstream: released (2.6.21, 2.6.20.2)
-linux-2.6: released (2.6.20-1) [2.6.20.2]
-2.6.18-etch-security: released (2.6.18.dfsg.1-12etch1) [bugfix/cm4040-buffer-overflow.patch]
-2.6.8-sarge-security: N/A
-2.4.27-sarge-security: N/A
-2.6.15-dapper-security: released (2.6.15-28.57)
-2.6.17-edgy-security: released (2.6.17.1-11.39) [059819a41d4331316dd8ddcf977a24ab338f4300]
-2.6.20-feisty-security: N/A

Deleted: active/CVE-2007-1861
===================================================================
--- active/CVE-2007-1861	2007-08-17 13:04:38 UTC (rev 915)
+++ active/CVE-2007-1861	2007-08-17 17:00:45 UTC (rev 916)
@@ -1,24 +0,0 @@
-Candidate: CVE-2007-1861
-References: 
- Subject: [PATCH] infinite recursion in netlink
- Message-ID: <20070425183856.GA6028 at ms2.inr.ac.ru>
-Description: 
- The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before
- 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via
- NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack
- overflow.
-Ubuntu-Description: 
- A flaw was discovered in the handling of netlink messages.  Local attackers
- could cause infinite recursion leading to a denial of service.
-Notes: 
- jmm> Introduced in 2.6.13
-Bugs: 
-upstream: released (2.6.20.8, 2.6.21)
-linux-2.6: released (2.6.21-1)
-2.6.18-etch-security: released (2.6.18.dfsg.1-12etch2) [bugfix/netlink-infinite-recursion.patch]
-2.6.8-sarge-security: N/A
-2.4.27-sarge-security: N/A
-2.6.12-breezy-security: N/A
-2.6.15-dapper-security: released (2.6.15-28.57)
-2.6.17-edgy-security: released (2.6.17.1-11.39) [a0819ea9cc4116f4d127c4e015ce146109be1f4b]
-2.6.20-feisty-security: N/A

Modified: active/CVE-2007-3105
===================================================================
--- active/CVE-2007-3105	2007-08-17 13:04:38 UTC (rev 915)
+++ active/CVE-2007-3105	2007-08-17 17:00:45 UTC (rev 916)
@@ -4,7 +4,7 @@
 Ubuntu-Description: 
 Notes: 
 Bugs: 
-upstream: released (2.6.21)
+upstream: released (2.6.21, 2.6.22.3)
 linux-2.6: released (2.6.21-1)
 2.6.18-etch-security: 
 2.6.8-sarge-security: 

Copied: retired/CVE-2007-0005 (from rev 915, active/CVE-2007-0005)
===================================================================
--- retired/CVE-2007-0005	                        (rev 0)
+++ retired/CVE-2007-0005	2007-08-17 17:00:45 UTC (rev 916)
@@ -0,0 +1,20 @@
+Candidate: CVE-2007-0005
+References: 
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=059819a41d4331316dd8ddcf977a24ab338f4300
+Description: 
+ Buffer Overflow in Omnikey CardMan 4040 cmx driver
+Ubuntu-Description: 
+ The Omnikey CardMan 4040 driver (cm4040_cs) did not limit the size of
+ buffers passed to read() and write(). A local attacker could exploit
+ this to execute arbitrary code with kernel privileges.
+Notes: 
+ dannf> Driver wasn't in sarge
+Bugs: 
+upstream: released (2.6.21, 2.6.20.2)
+linux-2.6: released (2.6.20-1) [2.6.20.2]
+2.6.18-etch-security: released (2.6.18.dfsg.1-12etch1) [bugfix/cm4040-buffer-overflow.patch]
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security: released (2.6.15-28.57)
+2.6.17-edgy-security: released (2.6.17.1-11.39) [059819a41d4331316dd8ddcf977a24ab338f4300]
+2.6.20-feisty-security: N/A

Copied: retired/CVE-2007-1861 (from rev 915, active/CVE-2007-1861)
===================================================================
--- retired/CVE-2007-1861	                        (rev 0)
+++ retired/CVE-2007-1861	2007-08-17 17:00:45 UTC (rev 916)
@@ -0,0 +1,24 @@
+Candidate: CVE-2007-1861
+References: 
+ Subject: [PATCH] infinite recursion in netlink
+ Message-ID: <20070425183856.GA6028 at ms2.inr.ac.ru>
+Description: 
+ The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before
+ 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via
+ NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack
+ overflow.
+Ubuntu-Description: 
+ A flaw was discovered in the handling of netlink messages.  Local attackers
+ could cause infinite recursion leading to a denial of service.
+Notes: 
+ jmm> Introduced in 2.6.13
+Bugs: 
+upstream: released (2.6.20.8, 2.6.21)
+linux-2.6: released (2.6.21-1)
+2.6.18-etch-security: released (2.6.18.dfsg.1-12etch2) [bugfix/netlink-infinite-recursion.patch]
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.12-breezy-security: N/A
+2.6.15-dapper-security: released (2.6.15-28.57)
+2.6.17-edgy-security: released (2.6.17.1-11.39) [a0819ea9cc4116f4d127c4e015ce146109be1f4b]
+2.6.20-feisty-security: N/A

More information about the kernel-sec-discuss mailing list