[kernel-sec-discuss] r689 - active
Martin Pitt
mpitt at alioth.debian.org
Tue Jan 16 11:48:28 CET 2007
Author: mpitt
Date: 2007-01-16 11:48:28 +0100 (Tue, 16 Jan 2007)
New Revision: 689
Modified:
active/CVE-2006-6057
Log:
CVE-2006-6057: some more info
Modified: active/CVE-2006-6057
===================================================================
--- active/CVE-2006-6057 2007-01-16 10:40:29 UTC (rev 688)
+++ active/CVE-2006-6057 2007-01-16 10:48:28 UTC (rev 689)
@@ -1,15 +1,29 @@
Candidate: CVE-2006-6057
References:
-Description: GFS DoS
+ http://projects.info-pull.com/mokb/MOKB-15-11-2006.html
+Description:
+ The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on
+ Fedora Core 6 and possibly other operating systems, allows local
+ users to cause a denial of service (crash) via a malformed gfs2 file
+ stream that triggers a NULL pointer dereference in the init_journal
+ function.
Ubuntu-Description:
Notes:
+ <fabbione> yes we do but it's not usable
+ <pitti> that means you cannot create a gfs2 fs?
+ <fabbione> it's marked as experimental
+ <fabbione> you can
+ <fabbione> but there is no way it will last working for more than 10 seconds on load
+ <fabbione> it's totally buggy at design level
+ <fabbione> even what's in linus tree is broken
+ <pitti> ok, so we can treat this with low priority
Bugs:
upstream:
linux-2.6:
2.6.18-etch:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.12-breezy-security:
-2.6.15-dapper-security:
-2.6.17-edgy-security:
-2.6.19-feisty:
+2.6.12-breezy-security: N/A
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: needed
+2.6.20-feisty: needed
More information about the kernel-sec-discuss
mailing list