[kernel-sec-discuss] r1260 - active

Mon Nov 10 18:29:56 UTC 2008

Author: dannf
Date: 2008-11-10 18:29:56 +0000 (Mon, 10 Nov 2008)
New Revision: 1260

Added:
   active/CVE-2008-4933
   active/CVE-2008-4934
   active/CVE-2008-5025
   active/CVE-2008-5029
Log:
new issues from oss-security

Copied: active/CVE-2008-4933 (from rev 1258, active/00boilerplate)
===================================================================

--- active/CVE-2008-4933	                        (rev 0)
+++ active/CVE-2008-4933	2008-11-10 18:29:56 UTC (rev 1260)
@@ -0,0 +1,17 @@
+Candidate: CVE-2008-4933
+Description:
+References:
+ http://www.openwall.com/lists/oss-security/2008/11/03/2
+ efc7ffcb4237f8cb9938909041c4ed38f6e1bf40
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
+2.6.15-dapper-security:
+2.6.20-feisty-security:
+2.6.22-gutsy-security:
+2.6.24-hardy-security:


Property changes on: active/CVE-2008-4933
___________________________________________________________________
Name: svn:mergeinfo
   + 

Copied: active/CVE-2008-4934 (from rev 1258, active/00boilerplate)
===================================================================
--- active/CVE-2008-4934	                        (rev 0)
+++ active/CVE-2008-4934	2008-11-10 18:29:56 UTC (rev 1260)
@@ -0,0 +1,17 @@
+Candidate: CVE-2008-4934
+Description:
+References:
+ http://www.openwall.com/lists/oss-security/2008/11/03/2
+ 649f1ee6c705aab644035a7998d7b574193a598a
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
+2.6.15-dapper-security:
+2.6.20-feisty-security:
+2.6.22-gutsy-security:
+2.6.24-hardy-security:


Property changes on: active/CVE-2008-4934
___________________________________________________________________
Name: svn:mergeinfo
   + 

Copied: active/CVE-2008-5025 (from rev 1258, active/00boilerplate)
===================================================================
--- active/CVE-2008-5025	                        (rev 0)
+++ active/CVE-2008-5025	2008-11-10 18:29:56 UTC (rev 1260)
@@ -0,0 +1,17 @@
+Candidate: CVE-2008-5025
+Description:
+References:
+ http://www.openwall.com/lists/oss-security/2008/11/10/3
+ d38b7aa
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
+2.6.15-dapper-security:
+2.6.20-feisty-security:
+2.6.22-gutsy-security:
+2.6.24-hardy-security:


Property changes on: active/CVE-2008-5025
___________________________________________________________________
Name: svn:mergeinfo
   + 

Copied: active/CVE-2008-5029 (from rev 1258, active/00boilerplate)
===================================================================
--- active/CVE-2008-5029	                        (rev 0)
+++ active/CVE-2008-5029	2008-11-10 18:29:56 UTC (rev 1260)
@@ -0,0 +1,24 @@
+Candidate: CVE-2008-5029
+Description:
+ The __scm_destroy function in net/core/scm.c in the Linux kernel
+ 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself
+ through calls to the fput function, which allows local users to cause
+ a denial of service (panic) via vectors related to sending an
+ SCM_RIGHTS message through a UNIX domain socket and closing file
+ descriptors.
+References:
+ http://marc.info/?l=linux-netdev&m=122593044330973&w=2
+ http://www.openwall.com/lists/oss-security/2008/11/06/1
+ https://bugzilla.redhat.com/show_bug.cgi?id=470201
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
+2.6.15-dapper-security:
+2.6.20-feisty-security:
+2.6.22-gutsy-security:
+2.6.24-hardy-security:


Property changes on: active/CVE-2008-5029
___________________________________________________________________
Name: svn:mergeinfo
   + 


