[kernel-sec-discuss] r718 - active
Dann Frazier
dannf at alioth.debian.org
Tue Mar 20 08:10:57 CET 2007
Author: dannf
Date: 2007-03-20 07:10:56 +0000 (Tue, 20 Mar 2007)
New Revision: 718
Modified:
active/CVE-2006-5754
Log:
flesh out and update debian & upstream status
Modified: active/CVE-2006-5754
===================================================================
--- active/CVE-2006-5754 2007-03-20 04:44:33 UTC (rev 717)
+++ active/CVE-2006-5754 2007-03-20 07:10:56 UTC (rev 718)
@@ -1,15 +1,22 @@
Candidate: CVE-2006-5754
References:
-Description: kernel panic in aio_free_ring()
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=220971
+Description:
+ The aio_setup_ring function in Linux kernel does not properly initialize a
+ variable, which allows local users to cause a denial of service (crash) via
+ an unspecified error path that causes an incorrect free operation.
Ubuntu-Description:
Notes:
jmm> 3e45a10919b3bc290147d81a4eb0117f019ba16a
+ dannf> From the description, I'm assuming this is the fix:
+ http://linux.bkbits.net:8080/linux-2.6/?PAGE=cset&REV=418e67e3jfC3msWLXzcdTkI10dwtEg
+ 'aio: remove incorrect initialization of "nr_pages"'
Bugs:
-upstream:
-linux-2.6:
-2.6.18-etch-security:
-2.6.8-sarge-security:
-2.4.27-sarge-security:
+upstream: released (2.6.10-rc2)
+linux-2.6: released (2.6.10-1)
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: pending (2.6.8-16sarge7) [aio-fix-nr_pages-init.dpatch]
+2.4.27-sarge-security: N/A
2.6.12-breezy-security:
2.6.15-dapper-security:
2.6.17-edgy-security:
More information about the kernel-sec-discuss
mailing list