[kernel-sec-discuss] r1054 - active
jmm at alioth.debian.org
jmm at alioth.debian.org
Fri Dec 7 22:15:48 UTC 2007
Author: jmm
Date: 2007-12-07 22:15:48 +0000 (Fri, 07 Dec 2007)
New Revision: 1054
Modified:
active/CVE-2007-3105
Log:
update on older issue
Modified: active/CVE-2007-3105
===================================================================
--- active/CVE-2007-3105 2007-12-07 22:14:06 UTC (rev 1053)
+++ active/CVE-2007-3105 2007-12-07 22:15:48 UTC (rev 1054)
@@ -14,12 +14,15 @@
environments with granular assignment of root privileges, a local attacker
could gain additional privileges.
Notes:
+ jmm> Vulnerable code not present in 2.4.27
+ jmm> 2.6.8 is affected, but since we don't have full SE Linux support in
+ jmm> Sarge, I don't believe this is an issue, which needs to be fixed
Bugs:
upstream: released (2.6.21, 2.6.22.3)
linux-2.6: released (2.6.21-1)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/random-bound-check-ordering.patch]
2.6.8-sarge-security:
-2.4.27-sarge-security:
+2.4.27-sarge-security: N/A
2.6.15-dapper-security: released (2.6.15-29.58)
2.6.17-edgy-security: released (2.6.17.1-12.40) [f22710043b7d89b496f7910e9c87ed62519dff14]
2.6.20-feisty-security: released (2.6.20-16.31) [542a98d0809f0eccc5cf23ed402285e995e0b31e]
More information about the kernel-sec-discuss
mailing list