[kernel-sec-discuss] r1425 - active
Michael Gilbert
gilbert-guest at alioth.debian.org
Fri Jul 17 07:25:56 UTC 2009
Author: gilbert-guest
Date: 2009-07-17 07:25:55 +0000 (Fri, 17 Jul 2009)
New Revision: 1425
Modified:
active/CVE-2009-1897
Log:
had just realized that as i was reading into it further; updates added
Modified: active/CVE-2009-1897
===================================================================
--- active/CVE-2009-1897 2009-07-17 07:15:00 UTC (rev 1424)
+++ active/CVE-2009-1897 2009-07-17 07:25:55 UTC (rev 1425)
@@ -1,8 +1,12 @@
Candidate: CVE-2009-1897
Description:
+ Null pointer dereference bypass in tun/tap
References:
+ http://seclists.org/fulldisclosure/2009/Jul/0241.html
+ http://grsecurity.net/~spender/cheddar_bay.tgz
Ubuntu-Description:
Notes:
+ According to description, vulnerability introduced in commit 33dccbb050bbe35b88ca8cf1228dcf3e4d4b3554, so only 2.6.30 affected.
Bugs:
upstream: pending (2.6.31-rc4) [3c8a9c63d5fd738c261bd0ceece04d9c8357ca13]
linux-2.6: pending (2.6.30-3) [bugfix/all/tun-tap-fix-crash-on-open-and-poll.patch]
More information about the kernel-sec-discuss
mailing list