[kernel-sec-discuss] r1914 - active
Michael Gilbert
gilbert-guest at alioth.debian.org
Thu Aug 19 03:13:16 UTC 2010
Author: gilbert-guest
Date: 2010-08-19 03:12:59 +0000 (Thu, 19 Aug 2010)
New Revision: 1914
Added:
active/CVE-2010-net-sched-infoleak
active/CVE-2010-xfs-infoleak
Log:
new issues
Added: active/CVE-2010-net-sched-infoleak
===================================================================
--- active/CVE-2010-net-sched-infoleak (rev 0)
+++ active/CVE-2010-net-sched-infoleak 2010-08-19 03:12:59 UTC (rev 1914)
@@ -0,0 +1,12 @@
+Candidate: needed
+Description:
+ 32-bits of kernel memory are leaked to user land via tc dump
+References:
+ http://www.openwall.com/lists/oss-security/2010/08/18/1
+Notes:
+Bugs:
+upstream: needed
+2.6.32-upstream-stable: needed
+linux-2.6: needed
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: needed
Added: active/CVE-2010-xfs-infoleak
===================================================================
--- active/CVE-2010-xfs-infoleak (rev 0)
+++ active/CVE-2010-xfs-infoleak 2010-08-19 03:12:59 UTC (rev 1914)
@@ -0,0 +1,14 @@
+Candidate: needed
+Description:
+ xfs leak due to filehandle conversion issue
+References:
+ http://www.openwall.com/lists/oss-security/2010/08/18/2
+Notes:
+ also need regression fix (not commited yet):
+ http://oss.sgi.com/archives/xfs/2010-08/msg00179.html
+Bugs:
+upstream: release (2.6.35) [7dce11db,7124fe0a,1920779e,7b6259e7]
+2.6.32-upstream-stable: needed
+linux-2.6: needed
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: needed
More information about the kernel-sec-discuss
mailing list