[kernel-sec-discuss] r2066 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Dec 7 09:48:05 UTC 2010
Author: jmm
Date: 2010-12-07 09:48:02 +0000 (Tue, 07 Dec 2010)
New Revision: 2066
Added:
active/CVE-2010-4161
active/CVE-2010-4175
active/CVE-2010-4247
active/CVE-2010-4262
active/CVE-2010-4263
Log:
new kernel issues
Added: active/CVE-2010-4161
===================================================================
--- active/CVE-2010-4161 (rev 0)
+++ active/CVE-2010-4161 2010-12-07 09:48:02 UTC (rev 2066)
@@ -0,0 +1,18 @@
+Candidate: CVE-2010-4161
+Description:
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4161
+Notes:
+ jmm> The referenced patch ended up in 2.6.26.6, which was
+ jmm> pulled into the Lenny package. I find the statement in
+ jmm> https://bugzilla.redhat.com/show_bug.cgi?id=652534#c4
+ jmm> a bit confusing, why should RHEL6 have backported
+ jmm> fda9ef5d, the commit is from 2006?
+ jmm> Marking 2.6.27 as fixed upstream, since it includes
+ jmm> 93821778
+Bugs:
+upstream: released (2.6.27)
+2.6.32-upstream-stable: N/A
+linux-2.6: released (2.6.28-1)
+2.6.26-lenny-security:
+2.6.32-squeeze-security: N/A
Added: active/CVE-2010-4175
===================================================================
--- active/CVE-2010-4175 (rev 0)
+++ active/CVE-2010-4175 2010-12-07 09:48:02 UTC (rev 2066)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-4175
+Description:
+References:
+ http://marc.info/?l=linux-netdev&m=129001184803080&w=2
+Notes:
+Bugs:
+upstream: released (2.6.37-rc3) [218854af84038d828a32f061858b1902ed2beec6]
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:
Added: active/CVE-2010-4247
===================================================================
--- active/CVE-2010-4247 (rev 0)
+++ active/CVE-2010-4247 2010-12-07 09:48:02 UTC (rev 2066)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-4247
+Description: Xen DoS
+References:
+ http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d
+ http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c
+Notes:
+Bugs:
+upstream:
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:
Added: active/CVE-2010-4262
===================================================================
--- active/CVE-2010-4262 (rev 0)
+++ active/CVE-2010-4262 2010-12-07 09:48:02 UTC (rev 2066)
@@ -0,0 +1,10 @@
+Candidate: CVE-2010-4262
+Description:
+References:
+Notes:
+Bugs:
+upstream:
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:
Added: active/CVE-2010-4263
===================================================================
--- active/CVE-2010-4263 (rev 0)
+++ active/CVE-2010-4263 2010-12-07 09:48:02 UTC (rev 2066)
@@ -0,0 +1,10 @@
+Candidate: CVE-2010-4263
+Description: igb panic w/ vlan packets
+References:
+Notes:
+Bugs:
+upstream: released (2.6.34) [31b24b955c3ebbb6f3008a6374e61cf7c05a193c]
+2.6.32-upstream-stable: needed
+linux-2.6: needed
+2.6.26-lenny-security: N/A "Vulnerable code not present"
+2.6.32-squeeze-security: needed
More information about the kernel-sec-discuss
mailing list