[kernel-sec-discuss] r1055 - active
jmm at alioth.debian.org
jmm at alioth.debian.org
Fri Dec 7 22:25:20 UTC 2007
Author: jmm
Date: 2007-12-07 22:25:20 +0000 (Fri, 07 Dec 2007)
New Revision: 1055
Added:
active/CVE-2007-5938
Log:
new issue (not affecting released versions of Debian)
Added: active/CVE-2007-5938
===================================================================
--- active/CVE-2007-5938 (rev 0)
+++ active/CVE-2007-5938 2007-12-07 22:25:20 UTC (rev 1055)
@@ -0,0 +1,21 @@
+Candidate: CVE-2007-5938
+Description:
+ The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier
+ dereferences an iwl_get_hw_mode return value without checking for NULL, which might
+ allow remote attackers to cause a denial of service (kernel panic) via unspecified
+ vectors during module initialization.
+References:
+ http://article.gmane.org/gmane.linux.drivers.ipw3945.devel/1618
+ http://bugs.gentoo.org/show_bug.cgi?id=199209
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security:
+2.6.17-edgy-security:
+2.6.20-feisty-security:
+2.6.22-gutsy-security:
More information about the kernel-sec-discuss
mailing list