[kernel-sec-discuss] r680 - active
Martin Pitt
mpitt at alioth.debian.org
Mon Jan 15 19:21:10 CET 2007
Author: mpitt
Date: 2007-01-15 19:21:10 +0100 (Mon, 15 Jan 2007)
New Revision: 680
Added:
active/CVE-2006-5757
Log:
add CVE-2006-5757
Added: active/CVE-2006-5757
===================================================================
--- active/CVE-2006-5757 2007-01-15 18:10:15 UTC (rev 679)
+++ active/CVE-2006-5757 2007-01-15 18:21:10 UTC (rev 680)
@@ -0,0 +1,21 @@
+Candidate: CVE-2006-5757
+References:
+Description:
+ Race condition in the __find_get_block_slow function in the ISO9660
+ filesystem in Linux 2.6.18 and possibly other versions allows local
+ users to cause a denial of service (infinite loop) by mounting a
+ crafted ISO9660 filesystem containing malformed data structures.
+Ubuntu-Description:
+Notes:
+ http://projects.info-pull.com/mokb/MOKB-05-11-2006.html
+ Fixed in Mandriva: http://www.mandriva.com/security/advisories?name=MDKSA-2007:002
+ apparently not yet patched upstream
+Bugs:
+upstream:
+linux-2.6:
+2.6.18-etch: needed
+2.6.8-sarge-security: needed
+2.4.27-sarge-security:
+2.6.12-breezy-security: needed
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
More information about the kernel-sec-discuss
mailing list