[kernel-sec-discuss] r1608 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Nov 16 23:49:19 UTC 2009 

Author: jmm
Date: 2009-11-16 23:49:19 +0000 (Mon, 16 Nov 2009)
New Revision: 1608

Added:
   retired/CVE-2009-3640
Removed:
   active/CVE-2009-3640
Log:
retire issue


Deleted: active/CVE-2009-3640
===================================================================
--- active/CVE-2009-3640	2009-11-16 23:45:35 UTC (rev 1607)
+++ active/CVE-2009-3640	2009-11-16 23:49:19 UTC (rev 1608)
@@ -1,17 +0,0 @@
-Candidate: CVE-2009-3640
-Description:
- kvm update_cr8_intercept() null ptr dereference
-References:
- http://www.openwall.com/lists/oss-security/2009/10/24/1
- http://git.kernel.org/linus/88c808fd42b53a7e01a2ac3253ef31fef74cb5af
-Notes:
- kvm support introduced in 2.6.25
- jmm> The 2.6.26 has the code in a different file, in which is was still
- jmm> guarded for APIC. I've send Avi an email and he confirmed that
- jmm> older kernels are not affected
-Bugs:
-upstream: released (2.6.32-rc1) [88c808fd42b53a7e01a2ac3253ef31fef74cb5af], released (2.6.31.2) [c3443b436a0767cbc0d4ab405f8fa13fb34bd56c]
-linux-2.6: released (2.6.31-1)
-2.6.18-etch-security: N/A "no kvm"
-2.6.24-etch-security: N/A "no kvm"
-2.6.26-lenny-security: N/A

Copied: retired/CVE-2009-3640 (from rev 1607, active/CVE-2009-3640)
===================================================================
--- retired/CVE-2009-3640	                        (rev 0)
+++ retired/CVE-2009-3640	2009-11-16 23:49:19 UTC (rev 1608)
@@ -0,0 +1,17 @@
+Candidate: CVE-2009-3640
+Description:
+ kvm update_cr8_intercept() null ptr dereference
+References:
+ http://www.openwall.com/lists/oss-security/2009/10/24/1
+ http://git.kernel.org/linus/88c808fd42b53a7e01a2ac3253ef31fef74cb5af
+Notes:
+ kvm support introduced in 2.6.25
+ jmm> The 2.6.26 has the code in a different file, in which is was still
+ jmm> guarded for APIC. I've send Avi an email and he confirmed that
+ jmm> older kernels are not affected
+Bugs:
+upstream: released (2.6.32-rc1) [88c808fd42b53a7e01a2ac3253ef31fef74cb5af], released (2.6.31.2) [c3443b436a0767cbc0d4ab405f8fa13fb34bd56c]
+linux-2.6: released (2.6.31-1)
+2.6.18-etch-security: N/A "no kvm"
+2.6.24-etch-security: N/A "no kvm"
+2.6.26-lenny-security: N/A

More information about the kernel-sec-discuss mailing list