[kernel-sec-discuss] r1469 - active
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Aug 18 22:37:24 UTC 2009
Author: gilbert-guest
Date: 2009-08-18 22:37:24 +0000 (Tue, 18 Aug 2009)
New Revision: 1469
Modified:
active/CVE-2009-2691
active/CVE-2009-2844
active/CVE-2009-2846
Log:
add descriptions since details were lost by renaming files
Modified: active/CVE-2009-2691
===================================================================
--- active/CVE-2009-2691 2009-08-18 21:39:15 UTC (rev 1468)
+++ active/CVE-2009-2691 2009-08-18 22:37:24 UTC (rev 1469)
@@ -1,5 +1,8 @@
Candidate: CVE-2009-2691
Description:
+ The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier
+ allows local users to read (1) maps and (2) smaps files under proc/ via vectors
+ related to ELF loading, a setuid process, and a race condition.
References:
Ubuntu-Description:
Notes:
Modified: active/CVE-2009-2844
===================================================================
--- active/CVE-2009-2844 2009-08-18 21:39:15 UTC (rev 1468)
+++ active/CVE-2009-2844 2009-08-18 22:37:24 UTC (rev 1469)
@@ -1,5 +1,6 @@
Candidate: CVE-2009-2844
Description:
+ cfg80211: missing NULL pointer checks
References:
Ubuntu-Description:
Notes:
Modified: active/CVE-2009-2846
===================================================================
--- active/CVE-2009-2846 2009-08-18 21:39:15 UTC (rev 1468)
+++ active/CVE-2009-2846 2009-08-18 22:37:24 UTC (rev 1469)
@@ -1,5 +1,12 @@
Candidate: CVE-2009-2846
Description:
+Description:
+ parisc: isa-eeprom missing lower bound check
+ .
+ loff_t is a signed type. If userspace passes a negative ppos, the
+ "count" range check is weakened. If ppos is negative, the readb() later
+ in the function will poke in random memory. Only affects if you are
+ using a PA-RISC kernel with CONFIG_EISA set.
References:
Ubuntu-Description:
Notes:
More information about the kernel-sec-discuss
mailing list