[kernel-sec-discuss] r2257 - active retired
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Apr 18 11:44:27 UTC 2011
Author: jmm
Date: 2011-04-18 11:44:23 +0000 (Mon, 18 Apr 2011)
New Revision: 2257
Added:
retired/CVE-2010-3875
retired/CVE-2010-3876
retired/CVE-2010-3877
retired/CVE-2010-3880
retired/CVE-2010-4243
retired/CVE-2010-4529
retired/CVE-2010-4565
Removed:
active/CVE-2010-3875
active/CVE-2010-3876
active/CVE-2010-3877
active/CVE-2010-3880
active/CVE-2010-4243
active/CVE-2010-4529
active/CVE-2010-4565
Log:
retire issues
Deleted: active/CVE-2010-3875
===================================================================
--- active/CVE-2010-3875 2011-04-18 11:43:31 UTC (rev 2256)
+++ active/CVE-2010-3875 2011-04-18 11:44:23 UTC (rev 2257)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-3875
-Description: ax25 stack disclosure
-References:
- http://marc.info/?l=linux-netdev&m=128854507120898&w2=
-Notes:
-Bugs:
-upstream: released (2.6.37-rc2) [fe10ae5]
-2.6.32-upstream-stable: released (2.6.32.37)
-linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-3875.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/net-ax25-fix-information-leak-to-userland.patch]
-2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-3875.patch]
Deleted: active/CVE-2010-3876
===================================================================
--- active/CVE-2010-3876 2011-04-18 11:43:31 UTC (rev 2256)
+++ active/CVE-2010-3876 2011-04-18 11:44:23 UTC (rev 2257)
@@ -1,12 +0,0 @@
-Candidate: CVE-2010-3876
-Description: packer_getname_spkt() stack disclosure
-References:
- http://marc.info/?l=linux-netdev&m=128854507220908&w=2
-Notes:
-Bugs:
-upstream: released (2.6.37-rc2) [6728664]
-2.6.32-upstream-stable: released (2.6.32.37)
-linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-3876.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/net-packet-fix-information-leak-to-userland.patch]
-2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-3876.patch]
-
Deleted: active/CVE-2010-3877
===================================================================
--- active/CVE-2010-3877 2011-04-18 11:43:31 UTC (rev 2256)
+++ active/CVE-2010-3877 2011-04-18 11:44:23 UTC (rev 2257)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-3877
-Description:
- http://marc.info/?l=linux-netdev&m=128854507420917&w=2
-References:
-Notes:
-Bugs:
-upstream: released (2.6.37-rc2) [88f8a5e3e7defccd3925cabb1ee4d3994e5cdb52]
-2.6.32-upstream-stable: released (2.6.32.37)
-linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-3877.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/net-tipc-fix-information-leak-to-userland.patch]
-2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-3877.patch]
Deleted: active/CVE-2010-3880
===================================================================
--- active/CVE-2010-3880 2011-04-18 11:43:31 UTC (rev 2256)
+++ active/CVE-2010-3880 2011-04-18 11:44:23 UTC (rev 2257)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-3880
-Description: logic error in INET_DIAG bytecode auditing
-References:
- http://www.spinics.net/lists/netdev/msg145899.html
-Notes:
-Bugs:
-upstream: released (2.6.37-rc2) [22e76c8]
-2.6.32-upstream-stable: released (2.6.32.37)
-linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-3880.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/inet_diag-make-sure-we-actually-run-the-same-bytecode-we-audited.patch]
-2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-3880.patch]
Deleted: active/CVE-2010-4243
===================================================================
--- active/CVE-2010-4243 2011-04-18 11:43:31 UTC (rev 2256)
+++ active/CVE-2010-4243 2011-04-18 11:44:23 UTC (rev 2257)
@@ -1,18 +0,0 @@
-Candidate: CVE-2010-4243
-Description: mm: mem allocated invisible to oom_kill() when not attached to any threads
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=625688#c0
-Notes:
- Quoting Eugene Teo from RH on oss-security:
- > This is the OOM dodging issue that can be triggered with Brad's
- > reproducer at http://grsecurity.net/~spender/64bit_dos.c. Written
- > in the comments: "The second bug here is that the memory usage explodes
- > within the kernel from a single 128k allocation in userland The
- > explosion of memory isn't accounted for by any task so it won't be
- > terminated by the OOM killer."
-Bugs:
-upstream: released (2.6.37-rc5) [3c77f84, 114279be2120a916e8a04feeb2ac976a10016f2f]
-2.6.32-upstream-stable: released (2.6.32.37)
-linux-2.6: released (2.6.32-30) [bugfix/all/exec-make-argv-envp-memory-visible-to-oom-killer.patch, bugfix/all/exec-copy-and-paste-the-fixes-into-compat_do_execve-paths.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/exec-make-argv-envp-memory-visible-to-oom-killer.patch, bugfix/all/exec-copy-and-paste-the-fixes-into-compat_do_execve-paths.patch]
-2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/exec-make-argv-envp-memory-visible-to-oom-killer.patch, bugfix/all/exec-copy-and-paste-the-fixes-into-compat_do_execve-paths.patch]
Deleted: active/CVE-2010-4529
===================================================================
--- active/CVE-2010-4529 2011-04-18 11:43:31 UTC (rev 2256)
+++ active/CVE-2010-4529 2011-04-18 11:44:23 UTC (rev 2257)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-4529
-Description: irda: prevent integer underflow in IRLMP_ENUMDEVICES
-References:
- http://www.openwall.com/lists/oss-security/2010/12/23/1
-Notes:
-Bugs:
-upstream: released (2.6.37) [fdac1e0697356ac212259f2147aa60c72e334861]
-2.6.32-upstream-stable: released (2.6.32.37)
-linux-2.6: released (2.6.32-30) [bugfix/all/irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES.patch]
-2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES.patch]
Deleted: active/CVE-2010-4565
===================================================================
--- active/CVE-2010-4565 2011-04-18 11:43:31 UTC (rev 2256)
+++ active/CVE-2010-4565 2011-04-18 11:44:23 UTC (rev 2257)
@@ -1,10 +0,0 @@
-Candidate: CVE-2010-4565
-Description: CAN: Use inode instead of kernel address for /proc file
-References:
-Notes:
-Bugs:
-upstream: released (2.6.37) [9f260e0efa4766e56d0ac14f1aeea6ee5eb8fe83]
-2.6.32-upstream-stable: released (2.6.32.37)
-linux-2.6: released (2.6.37-1)
-2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/can-use-inode-instead-of-kernel-address-for-proc-file.patch]
-2.6.32-squeeze-security: released (2.6.32-31) [bugfix/all/can-use-inode-instead-of-kernel-address-for-proc-file.patch]
Copied: retired/CVE-2010-3875 (from rev 2256, active/CVE-2010-3875)
===================================================================
--- retired/CVE-2010-3875 (rev 0)
+++ retired/CVE-2010-3875 2011-04-18 11:44:23 UTC (rev 2257)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-3875
+Description: ax25 stack disclosure
+References:
+ http://marc.info/?l=linux-netdev&m=128854507120898&w2=
+Notes:
+Bugs:
+upstream: released (2.6.37-rc2) [fe10ae5]
+2.6.32-upstream-stable: released (2.6.32.37)
+linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-3875.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/net-ax25-fix-information-leak-to-userland.patch]
+2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-3875.patch]
Property changes on: retired/CVE-2010-3875
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2010-3876 (from rev 2256, active/CVE-2010-3876)
===================================================================
--- retired/CVE-2010-3876 (rev 0)
+++ retired/CVE-2010-3876 2011-04-18 11:44:23 UTC (rev 2257)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-3876
+Description: packer_getname_spkt() stack disclosure
+References:
+ http://marc.info/?l=linux-netdev&m=128854507220908&w=2
+Notes:
+Bugs:
+upstream: released (2.6.37-rc2) [6728664]
+2.6.32-upstream-stable: released (2.6.32.37)
+linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-3876.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/net-packet-fix-information-leak-to-userland.patch]
+2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-3876.patch]
+
Property changes on: retired/CVE-2010-3876
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2010-3877 (from rev 2256, active/CVE-2010-3877)
===================================================================
--- retired/CVE-2010-3877 (rev 0)
+++ retired/CVE-2010-3877 2011-04-18 11:44:23 UTC (rev 2257)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-3877
+Description:
+ http://marc.info/?l=linux-netdev&m=128854507420917&w=2
+References:
+Notes:
+Bugs:
+upstream: released (2.6.37-rc2) [88f8a5e3e7defccd3925cabb1ee4d3994e5cdb52]
+2.6.32-upstream-stable: released (2.6.32.37)
+linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-3877.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/net-tipc-fix-information-leak-to-userland.patch]
+2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-3877.patch]
Property changes on: retired/CVE-2010-3877
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2010-3880 (from rev 2256, active/CVE-2010-3880)
===================================================================
--- retired/CVE-2010-3880 (rev 0)
+++ retired/CVE-2010-3880 2011-04-18 11:44:23 UTC (rev 2257)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-3880
+Description: logic error in INET_DIAG bytecode auditing
+References:
+ http://www.spinics.net/lists/netdev/msg145899.html
+Notes:
+Bugs:
+upstream: released (2.6.37-rc2) [22e76c8]
+2.6.32-upstream-stable: released (2.6.32.37)
+linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-3880.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/inet_diag-make-sure-we-actually-run-the-same-bytecode-we-audited.patch]
+2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-3880.patch]
Property changes on: retired/CVE-2010-3880
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2010-4243 (from rev 2256, active/CVE-2010-4243)
===================================================================
--- retired/CVE-2010-4243 (rev 0)
+++ retired/CVE-2010-4243 2011-04-18 11:44:23 UTC (rev 2257)
@@ -0,0 +1,18 @@
+Candidate: CVE-2010-4243
+Description: mm: mem allocated invisible to oom_kill() when not attached to any threads
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=625688#c0
+Notes:
+ Quoting Eugene Teo from RH on oss-security:
+ > This is the OOM dodging issue that can be triggered with Brad's
+ > reproducer at http://grsecurity.net/~spender/64bit_dos.c. Written
+ > in the comments: "The second bug here is that the memory usage explodes
+ > within the kernel from a single 128k allocation in userland The
+ > explosion of memory isn't accounted for by any task so it won't be
+ > terminated by the OOM killer."
+Bugs:
+upstream: released (2.6.37-rc5) [3c77f84, 114279be2120a916e8a04feeb2ac976a10016f2f]
+2.6.32-upstream-stable: released (2.6.32.37)
+linux-2.6: released (2.6.32-30) [bugfix/all/exec-make-argv-envp-memory-visible-to-oom-killer.patch, bugfix/all/exec-copy-and-paste-the-fixes-into-compat_do_execve-paths.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/exec-make-argv-envp-memory-visible-to-oom-killer.patch, bugfix/all/exec-copy-and-paste-the-fixes-into-compat_do_execve-paths.patch]
+2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/exec-make-argv-envp-memory-visible-to-oom-killer.patch, bugfix/all/exec-copy-and-paste-the-fixes-into-compat_do_execve-paths.patch]
Property changes on: retired/CVE-2010-4243
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2010-4529 (from rev 2256, active/CVE-2010-4529)
===================================================================
--- retired/CVE-2010-4529 (rev 0)
+++ retired/CVE-2010-4529 2011-04-18 11:44:23 UTC (rev 2257)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-4529
+Description: irda: prevent integer underflow in IRLMP_ENUMDEVICES
+References:
+ http://www.openwall.com/lists/oss-security/2010/12/23/1
+Notes:
+Bugs:
+upstream: released (2.6.37) [fdac1e0697356ac212259f2147aa60c72e334861]
+2.6.32-upstream-stable: released (2.6.32.37)
+linux-2.6: released (2.6.32-30) [bugfix/all/irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES.patch]
+2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES.patch]
Property changes on: retired/CVE-2010-4529
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2010-4565 (from rev 2256, active/CVE-2010-4565)
===================================================================
--- retired/CVE-2010-4565 (rev 0)
+++ retired/CVE-2010-4565 2011-04-18 11:44:23 UTC (rev 2257)
@@ -0,0 +1,10 @@
+Candidate: CVE-2010-4565
+Description: CAN: Use inode instead of kernel address for /proc file
+References:
+Notes:
+Bugs:
+upstream: released (2.6.37) [9f260e0efa4766e56d0ac14f1aeea6ee5eb8fe83]
+2.6.32-upstream-stable: released (2.6.32.37)
+linux-2.6: released (2.6.37-1)
+2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/can-use-inode-instead-of-kernel-address-for-proc-file.patch]
+2.6.32-squeeze-security: released (2.6.32-31) [bugfix/all/can-use-inode-instead-of-kernel-address-for-proc-file.patch]
Property changes on: retired/CVE-2010-4565
___________________________________________________________________
Added: svn:mergeinfo
+
More information about the kernel-sec-discuss
mailing list