[kernel-sec-discuss] r2043 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Nov 22 18:43:37 UTC 2010 

Author: jmm
Date: 2010-11-22 18:43:34 +0000 (Mon, 22 Nov 2010)
New Revision: 2043

Added:
   active/CVE-2010-4162
   active/CVE-2010-4242
   active/CVE-2010-4243
Log:
three new issues


Added: active/CVE-2010-4162
===================================================================
--- active/CVE-2010-4162	                        (rev 0)
+++ active/CVE-2010-4162	2010-11-22 18:43:34 UTC (rev 2043)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-4162
+Description: DoS in block layer
+References:
+ http://git.kernel.org/?p=linux/kernel/git/axboe/linux-2.6-block.git;a=commitdiff;h=cb4644cac4a2797afc847e6c92736664d4b0ea34;hp=f3f63c1c28bc861a931fac283b5bc3585efb8967
+Notes:
+Bugs:
+upstream: needed
+2.6.32-upstream-stable: needed
+linux-2.6: needed
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: needed

Added: active/CVE-2010-4242
===================================================================
--- active/CVE-2010-4242	                        (rev 0)
+++ active/CVE-2010-4242	2010-11-22 18:43:34 UTC (rev 2043)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-4242
+Description: missing tty ops write function presence check in hci_uart_tty_open()
+References: 
+ https://bugzilla.redhat.com/show_bug.cgi?id=641410
+ http://git.kernel.org/linus/c19483cc5e56ac5e22dd19cf25ba210ab1537773
+Notes:
+Bugs:
+upstream:
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:

Added: active/CVE-2010-4243
===================================================================
--- active/CVE-2010-4243	                        (rev 0)
+++ active/CVE-2010-4243	2010-11-22 18:43:34 UTC (rev 2043)
@@ -0,0 +1,18 @@
+Candidate: CVE-2010-4243
+Description: mm: mem allocated invisible to oom_kill() when not attached to any threads
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=625688#c0
+Notes:
+ Quoting Eugene Teo from RH on oss-security:
+ > This is the OOM dodging issue that can be triggered with Brad's
+ > reproducer at http://grsecurity.net/~spender/64bit_dos.c. Written
+ > in the comments: "The second bug here is that the memory usage explodes
+ > within the kernel from a single 128k allocation in userland The
+ > explosion of memory isn't accounted for by any task so it won't be
+ > terminated by the OOM killer."
+Bugs:
+upstream:
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:

More information about the kernel-sec-discuss mailing list