[kernel-sec-discuss] r1732 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Sun Feb 14 21:07:49 UTC 2010


Author: jmm
Date: 2010-02-14 21:07:42 +0000 (Sun, 14 Feb 2010)
New Revision: 1732

Added:
   retired/CVE-2007-2480
   retired/CVE-2009-1072
   retired/CVE-2009-1758
   retired/CVE-2009-2910
Removed:
   active/CVE-2007-2480
   active/CVE-2009-1072
   active/CVE-2009-1758
   active/CVE-2009-2910
Log:
retire issues


Deleted: active/CVE-2007-2480
===================================================================
--- active/CVE-2007-2480	2010-02-14 21:05:53 UTC (rev 1731)
+++ active/CVE-2007-2480	2010-02-14 21:07:42 UTC (rev 1732)
@@ -1,25 +0,0 @@
-Candidate: CVE-2007-2480
-References: 
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=de34ed91c4ffa4727964a832c46e624dd1495cf5
-Description: 
- The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and
- earlier does not prevent a bind to a port with a local address when there is
- already a bind to that port with a wildcard local address, which might allow
- local users to intercept local traffic for daemons or other applications.
-Ubuntu-Description: 
-Notes: 
- jmm> It was indicated that the vulnerable code was introduced in some code
- jmm> reorg after 2.6.18
-Bugs: 
-upstream: released (2.6.22)
-linux-2.6: released (2.6.22-1)
-2.6.18-etch-security: ignored (EOL)
-2.6.24-etch-security: N/A
-2.6.26-lenny-security: N/A
-2.6.8-sarge-security: ignored (2.6.8-17sarge1) "needs backport"
-2.4.27-sarge-security: ignored (2.4.27-10sarge6) "needs backport if affected"
-2.6.15-dapper-security: N/A
-2.6.17-edgy-security: N/A
-2.6.20-feisty-security: ignored (unreproduced)
-2.6.22-gutsy-security: N/A
-2.6.24-hardy-security: N/A

Deleted: active/CVE-2009-1072
===================================================================
--- active/CVE-2009-1072	2010-02-14 21:05:53 UTC (rev 1731)
+++ active/CVE-2009-1072	2010-02-14 21:07:42 UTC (rev 1732)
@@ -1,23 +0,0 @@
-Candidate: CVE-2009-1072
-Description:
- nfsd in the Linux kernel before 2.6.28.9 does not drop the
- CAP_MKNOD capability before handling a user request in a
- thread, which allows local users to create device nodes, as
- demonstrated on a filesystem that has been exported with
- the root_squash option. 
-References:
- http://thread.gmane.org/gmane.linux.kernel/805280
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=76a67ec6fb79ff3570dcb5342142c16098299911
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.9
-Ubuntu-Description:
-Notes:
-Bugs:
-upstream: released (2.6.28.9, 2.6.29)
-linux-2.6: released (2.6.29-1)
-2.6.18-etch-security: ignored (EOL)
-2.6.24-etch-security: ignored (EOL)
-2.6.26-lenny-security: released (2.6.26-15lenny1) [bugfix/all/nfsd-drop-CAP_MKNOD-for-non-root.patch]
-2.6.15-dapper-security:
-2.6.22-gutsy-security:
-2.6.24-hardy-security:
-2.6.27-intrepid-security:

Deleted: active/CVE-2009-1758
===================================================================
--- active/CVE-2009-1758	2010-02-14 21:05:53 UTC (rev 1731)
+++ active/CVE-2009-1758	2010-02-14 21:07:42 UTC (rev 1732)
@@ -1,20 +0,0 @@
-Candidate: CVE-2009-1578
-Description:
-References:
- http://lists.xensource.com/archives/html/xen-devel/2009-05/msg00561.html
- http://www.openwall.com/lists/oss-security/2009/05/14/2
- http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/9b9454800544
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1758
-Ubuntu-Description:
-Notes:
-Bugs: 
- 536148
-upstream: N/A "not in upstream xen code"
-linux-2.6: released (2.6.28-1) "bug in dom0 code, which has been removed since debian 2.6.28 kernel"
-2.6.18-etch-security: ignored (EOL)
-2.6.24-etch-security: N/A "no xen support"
-2.6.26-lenny-security: released (2.6.26-15lenny3) [features/all/xen/i386-hypervisor_callback-adjustments.patch]
-2.6.15-dapper-security:
-2.6.22-gutsy-security:
-2.6.24-hardy-security:
-2.6.27-intrepid-security:

Deleted: active/CVE-2009-2910
===================================================================
--- active/CVE-2009-2910	2010-02-14 21:05:53 UTC (rev 1731)
+++ active/CVE-2009-2910	2010-02-14 21:07:42 UTC (rev 1732)
@@ -1,16 +0,0 @@
-Candidate: CVE-2009-2910 
-Description:
- 32-bit processes running on an x86_64 machine can see uncleared content in registers
- R8-R15.
-References:
- http://www.openwall.com/lists/oss-security/2009/10/01/2
-Notes:
- attackers can see all content passing thru these registers, so this may be somewhat
- urgent since it may be possible to piece the info together to recover passwords or
- other badness
-Bugs:
-upstream: released (2.6.31.4) [ee39c2f3e1e667314c018c9fd1e205c97e746bd2], released (2.6.32-rc4) [24e35800cdc4350fc34e2bed37b608a9e13ab3b6]
-linux-2.6: released (2.6.31-1~experimental.2) [bugfix/all/stable/2.6.31.4.patch]
-2.6.18-etch-security: ignored (EOL)
-2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch1) [bugfix/x86-64-slightly-stream-line-32-bit-syscall-entry-code.patch, bugfix/don-t-leak-64-bit-kernel-register-values-to-32-bit-processes.patch]
-2.6.26-lenny-security: released (2.6.26-19lenny1) [bugfix/x86/x86-64-slightly-stream-line-32-bit-syscall-entry-code.patch, bugfix/x86/don-t-leak-64-bit-kernel-register-values-to-32-bit-processes.patch]

Copied: retired/CVE-2007-2480 (from rev 1731, active/CVE-2007-2480)
===================================================================
--- retired/CVE-2007-2480	                        (rev 0)
+++ retired/CVE-2007-2480	2010-02-14 21:07:42 UTC (rev 1732)
@@ -0,0 +1,25 @@
+Candidate: CVE-2007-2480
+References: 
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=de34ed91c4ffa4727964a832c46e624dd1495cf5
+Description: 
+ The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and
+ earlier does not prevent a bind to a port with a local address when there is
+ already a bind to that port with a wildcard local address, which might allow
+ local users to intercept local traffic for daemons or other applications.
+Ubuntu-Description: 
+Notes: 
+ jmm> It was indicated that the vulnerable code was introduced in some code
+ jmm> reorg after 2.6.18
+Bugs: 
+upstream: released (2.6.22)
+linux-2.6: released (2.6.22-1)
+2.6.18-etch-security: ignored (EOL)
+2.6.24-etch-security: N/A
+2.6.26-lenny-security: N/A
+2.6.8-sarge-security: ignored (2.6.8-17sarge1) "needs backport"
+2.4.27-sarge-security: ignored (2.4.27-10sarge6) "needs backport if affected"
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: ignored (unreproduced)
+2.6.22-gutsy-security: N/A
+2.6.24-hardy-security: N/A
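
Review bot: The per-branch statuses do not agree with the Notes field. The note says the vulnerable code was introduced in a reorg after 2.6.18, yet 2.6.18-etch-security is "ignored (EOL)" and the two sarge lines still read "needs backport" and "needs backport if affected". If the note is right, those three branches would be N/A; if it is unconfirmed, say so in Notes before retiring, since a retired file with an open "needs backport" reads as unfinished work. The Description's "2.6.21 and earlier" also leaves the lower bound open, which is the same ambiguity.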

Copied: retired/CVE-2009-1072 (from rev 1731, active/CVE-2009-1072)
===================================================================
--- retired/CVE-2009-1072	                        (rev 0)
+++ retired/CVE-2009-1072	2010-02-14 21:07:42 UTC (rev 1732)
@@ -0,0 +1,23 @@
+Candidate: CVE-2009-1072
+Description:
+ nfsd in the Linux kernel before 2.6.28.9 does not drop the
+ CAP_MKNOD capability before handling a user request in a
+ thread, which allows local users to create device nodes, as
+ demonstrated on a filesystem that has been exported with
+ the root_squash option. 
+References:
+ http://thread.gmane.org/gmane.linux.kernel/805280
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=76a67ec6fb79ff3570dcb5342142c16098299911
+ http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.9
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream: released (2.6.28.9, 2.6.29)
+linux-2.6: released (2.6.29-1)
+2.6.18-etch-security: ignored (EOL)
+2.6.24-etch-security: ignored (EOL)
+2.6.26-lenny-security: released (2.6.26-15lenny1) [bugfix/all/nfsd-drop-CAP_MKNOD-for-non-root.patch]
+2.6.15-dapper-security:
+2.6.22-gutsy-security:
+2.6.24-hardy-security:
+2.6.27-intrepid-security:
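
Review bot: The four Ubuntu lines at the end of the file (2.6.15-dapper-security through 2.6.27-intrepid-security) carry no status at all. Record a status for each or drop the lines before the file lands in retired/, so the retired entry does not look like it still has untriaged branches. Ubuntu-Description, Notes and Bugs are empty as well.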

Copied: retired/CVE-2009-1758 (from rev 1731, active/CVE-2009-1758)
===================================================================
--- retired/CVE-2009-1758	                        (rev 0)
+++ retired/CVE-2009-1758	2010-02-14 21:07:42 UTC (rev 1732)
@@ -0,0 +1,20 @@
+Candidate: CVE-2009-1578
+Description:
+References:
+ http://lists.xensource.com/archives/html/xen-devel/2009-05/msg00561.html
+ http://www.openwall.com/lists/oss-security/2009/05/14/2
+ http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/9b9454800544
+ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1758
+Ubuntu-Description:
+Notes:
+Bugs: 
+ 536148
+upstream: N/A "not in upstream xen code"
+linux-2.6: released (2.6.28-1) "bug in dom0 code, which has been removed since debian 2.6.28 kernel"
+2.6.18-etch-security: ignored (EOL)
+2.6.24-etch-security: N/A "no xen support"
+2.6.26-lenny-security: released (2.6.26-15lenny3) [features/all/xen/i386-hypervisor_callback-adjustments.patch]
+2.6.15-dapper-security:
+2.6.22-gutsy-security:
+2.6.24-hardy-security:
+2.6.27-intrepid-security:
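
Review bot: The Candidate line reads CVE-2009-1578, but the file is retired/CVE-2009-1758 and the Red Hat bugzilla reference is for CVE-2009-1758; the digits look transposed and should be corrected in this copy rather than carried over from active/. Description is also empty, so the file gives no summary of the issue beyond the reference links and the "bug in dom0 code" remark on the linux-2.6 line. The four Ubuntu branch lines have no status either.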

Copied: retired/CVE-2009-2910 (from rev 1731, active/CVE-2009-2910)
===================================================================
--- retired/CVE-2009-2910	                        (rev 0)
+++ retired/CVE-2009-2910	2010-02-14 21:07:42 UTC (rev 1732)
@@ -0,0 +1,16 @@
+Candidate: CVE-2009-2910 
+Description:
+ 32-bit processes running on an x86_64 machine can see uncleared content in registers
+ R8-R15.
+References:
+ http://www.openwall.com/lists/oss-security/2009/10/01/2
+Notes:
+ attackers can see all content passing thru these registers, so this may be somewhat
+ urgent since it may be possible to piece the info together to recover passwords or
+ other badness
+Bugs:
+upstream: released (2.6.31.4) [ee39c2f3e1e667314c018c9fd1e205c97e746bd2], released (2.6.32-rc4) [24e35800cdc4350fc34e2bed37b608a9e13ab3b6]
+linux-2.6: released (2.6.31-1~experimental.2) [bugfix/all/stable/2.6.31.4.patch]
+2.6.18-etch-security: ignored (EOL)
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch1) [bugfix/x86-64-slightly-stream-line-32-bit-syscall-entry-code.patch, bugfix/don-t-leak-64-bit-kernel-register-values-to-32-bit-processes.patch]
+2.6.26-lenny-security: released (2.6.26-19lenny1) [bugfix/x86/x86-64-slightly-stream-line-32-bit-syscall-entry-code.patch, bugfix/x86/don-t-leak-64-bit-kernel-register-values-to-32-bit-processes.patch]
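
Review bot: The Notes text is unattributed and open-ended ("may be somewhat urgent", "other badness"). Now that fixes are recorded for upstream, etch and lenny, it should either be signed with the author prefix used elsewhere in this commit (the "jmm>" style in CVE-2007-2480) and reworded as a plain statement of impact, or dropped. The Description gives no affected version range, and the Candidate line carries a trailing space.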



