[kernel-sec-discuss] r847 - active retired

jmm at alioth.debian.org jmm at alioth.debian.org
Wed Jun 6 06:30:59 UTC 2007 

Author: jmm
Date: 2007-06-06 06:30:59 +0000 (Wed, 06 Jun 2007)
New Revision: 847

Added:
   retired/CVE-2007-1734
Removed:
   active/CVE-2007-1734
Log:
retire CVE-2007-1734


Deleted: active/CVE-2007-1734
===================================================================
--- active/CVE-2007-1734	2007-06-06 06:29:52 UTC (rev 846)
+++ active/CVE-2007-1734	2007-06-06 06:30:59 UTC (rev 847)
@@ -1,20 +0,0 @@
-Candidate: CVE-2007-1734
-References: 
- http://www.securityfocus.com/archive/1/archive/1/463969/100/0/threaded
-Description: 
- The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in
- Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen
- value, which allows local users running on certain architectures to read
- kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730
-Ubuntu-Description: 
-Notes: 
-Bugs: 420875
-upstream: released (2.6.20.5, 2.6.21)
-linux-2.6: released (2.6.20-1) [bugfix/2.6.20.5]
-2.6.18-etch-security: N/A
-2.6.8-sarge-security: N/A
-2.4.27-sarge-security: N/A
-2.6.12-breezy-security: N/A
-2.6.15-dapper-security: N/A
-2.6.17-edgy-security: N/A
-2.6.20-feisty-security: published (linux-source-2.6.20-16.28)

Copied: retired/CVE-2007-1734 (from rev 845, active/CVE-2007-1734)
===================================================================
--- retired/CVE-2007-1734	                        (rev 0)
+++ retired/CVE-2007-1734	2007-06-06 06:30:59 UTC (rev 847)
@@ -0,0 +1,20 @@
+Candidate: CVE-2007-1734
+References: 
+ http://www.securityfocus.com/archive/1/archive/1/463969/100/0/threaded
+Description: 
+ The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in
+ Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen
+ value, which allows local users running on certain architectures to read
+ kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730
+Ubuntu-Description: 
+Notes: 
+Bugs: 420875
+upstream: released (2.6.20.5, 2.6.21)
+linux-2.6: released (2.6.20-1) [bugfix/2.6.20.5]
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.12-breezy-security: N/A
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: published (linux-source-2.6.20-16.28)

More information about the kernel-sec-discuss mailing list