[kernel-sec-discuss] r1505 - active
Michael Gilbert
gilbert-guest at alioth.debian.org
Sun Oct 4 05:12:25 UTC 2009
Author: gilbert-guest
Date: 2009-10-04 05:12:22 +0000 (Sun, 04 Oct 2009)
New Revision: 1505
Added:
active/CVE-2009-64bit-registers-leaked-to-32bit-processes
active/CVE-2009-potential-buffer-overflows-in-net
Log:
new issues
Added: active/CVE-2009-64bit-registers-leaked-to-32bit-processes
===================================================================
--- active/CVE-2009-64bit-registers-leaked-to-32bit-processes (rev 0)
+++ active/CVE-2009-64bit-registers-leaked-to-32bit-processes 2009-10-04 05:12:22 UTC (rev 1505)
@@ -0,0 +1,15 @@
+Candidate: requested on oss-sec
+Description:
+ 32-bit processes running on an x86_64 machine can see uncleared content in registers
+ R8-R15.
+References:
+ http://www.openwall.com/lists/oss-security/2009/10/01/2
+Ubuntu-Description:
+Notes:
+ info leak, so not too severe or urgent
+Bugs:
+upstream: pending (2.6.32-rc2) [24e35800cdc4350fc34e2bed37b608a9e13ab3b6]
+linux-2.6:
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
Added: active/CVE-2009-potential-buffer-overflows-in-net
===================================================================
--- active/CVE-2009-potential-buffer-overflows-in-net (rev 0)
+++ active/CVE-2009-potential-buffer-overflows-in-net 2009-10-04 05:12:22 UTC (rev 1505)
@@ -0,0 +1,13 @@
+Candidate: need to request one
+Description:
+ some wrong sizeof allocations could potentially allow buffer overflows
+References:
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=b607bd900051efc3308c4edc65dd98b34b230021
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream: pending (2.6.32-rc2) [b607bd900051efc3308c4edc65dd98b34b230021]
+linux-2.6:
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
More information about the kernel-sec-discuss
mailing list