[kernel-sec-discuss] r1424 - active
Dann Frazier
dannf at alioth.debian.org
Fri Jul 17 07:15:02 UTC 2009
Author: dannf
Date: 2009-07-17 07:15:00 +0000 (Fri, 17 Jul 2009)
New Revision: 1424
Removed:
active/spengler-0day
Log:
This is already committed in CVE-2009-1897.
Feel free to merge any relevant data into that file...
Deleted: active/spengler-0day
===================================================================
--- active/spengler-0day 2009-07-17 06:58:46 UTC (rev 1423)
+++ active/spengler-0day 2009-07-17 07:15:00 UTC (rev 1424)
@@ -1,19 +0,0 @@
-Candidate:
-Description:
- Exploitable null pointer dereference bypass
-References:
- http://seclists.org/fulldisclosure/2009/Jul/0241.html
- http://grsecurity.net/~spender/cheddar_bay.tgz
-Ubuntu-Description:
-Notes:
- According to description, vulnerability introduced in commit 33dccbb050bbe35b88ca8cf1228dcf3e4d4b3554, so apparently only 2.6.30 affected? Notes also say commit backported to RHEL5's 2.6.18, and this it is affected; doubt debian kernels would have gotten the same, but it should be checked.
-Bugs:
-upstream:
-linux-2.6:
-2.6.18-etch-security:
-2.6.24-etch-security:
-2.6.26-lenny-security:
-2.6.15-dapper-security:
-2.6.22-gutsy-security:
-2.6.24-hardy-security:
-2.6.27-intrepid-security:
More information about the kernel-sec-discuss
mailing list