[kernel-sec-discuss] r1115 - active retired

jmm at alioth.debian.org jmm at alioth.debian.org
Tue Jan 29 18:21:01 UTC 2008 

Author: jmm
Date: 2008-01-29 18:21:01 +0000 (Tue, 29 Jan 2008)
New Revision: 1115

Added:
   retired/CVE-2007-6434
Removed:
   active/CVE-2007-6434
Log:
retire another issue


Deleted: active/CVE-2007-6434
===================================================================
--- active/CVE-2007-6434	2008-01-29 18:19:54 UTC (rev 1114)
+++ active/CVE-2007-6434	2008-01-29 18:21:01 UTC (rev 1115)
@@ -1,20 +0,0 @@
-Candidate: CVE-2007-6434
-Description: 
- Linux kernel 2.6.23 allows local users to create low pages in virtual userspace
- memory and bypass mmap_min_addr protection via a crafted executable file that calls
- the do_brk function.
-References: 
- http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc5
-Ubuntu-Description: 
-Notes: 
- kees> ecaf18c15aac8bb9bed7b7aa0e382fe252e275d5 (however, I think this only applied to 2.6.23 or newer -- security_file_mmap didn't take addresses until then)
-Bugs: 
-upstream: released (2.6.24-rc5)
-linux-2.6: released (2.6.23-2)
-2.6.18-etch-security: N/A
-2.6.8-sarge-security: N/A
-2.4.27-sarge-security: N/A
-2.6.15-dapper-security: N/A
-2.6.17-edgy-security: N/A
-2.6.20-feisty-security: N/A
-2.6.22-gutsy-security: N/A

Copied: retired/CVE-2007-6434 (from rev 1112, active/CVE-2007-6434)
===================================================================
--- retired/CVE-2007-6434	                        (rev 0)
+++ retired/CVE-2007-6434	2008-01-29 18:21:01 UTC (rev 1115)
@@ -0,0 +1,20 @@
+Candidate: CVE-2007-6434
+Description: 
+ Linux kernel 2.6.23 allows local users to create low pages in virtual userspace
+ memory and bypass mmap_min_addr protection via a crafted executable file that calls
+ the do_brk function.
+References: 
+ http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc5
+Ubuntu-Description: 
+Notes: 
+ kees> ecaf18c15aac8bb9bed7b7aa0e382fe252e275d5 (however, I think this only applied to 2.6.23 or newer -- security_file_mmap didn't take addresses until then)
+Bugs: 
+upstream: released (2.6.24-rc5)
+linux-2.6: released (2.6.23-2)
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A

More information about the kernel-sec-discuss mailing list