[kernel-sec-discuss] r1953 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Sep 10 06:58:38 UTC 2010


Author: jmm
Date: 2010-09-10 06:58:34 +0000 (Fri, 10 Sep 2010)
New Revision: 1953

Added:
   active/CVE-2010-2492
   active/CVE-2010-3078
Log:
two new issues


Added: active/CVE-2010-2492
===================================================================
--- active/CVE-2010-2492	                        (rev 0)
+++ active/CVE-2010-2492	2010-09-10 06:58:34 UTC (rev 1953)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-2492
+Description: Buffer overflow in the ecryptfs_uid_hash macro
+References:
+ a6f80fb7b5986fda663d94079d3bba0937a6b6ff
+Notes:
+Bugs:
+upstream: released (2.6.35)
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:

Added: active/CVE-2010-3078
===================================================================
--- active/CVE-2010-3078	                        (rev 0)
+++ active/CVE-2010-3078	2010-09-10 06:58:34 UTC (rev 1953)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-3078
+Description: XFS_IOC_FSGETXATTR ioctl memory leak
+References:
+ http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html
+ https://bugzilla.redhat.com/show_bug.cgi?id=630804
+Notes:
+Bugs:
+upstream: needed
+2.6.32-upstream-stable: needed
+linux-2.6: needed
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: needed




More information about the kernel-sec-discuss mailing list