[kernel-sec-discuss] r2723 - active retired
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Jul 20 13:47:03 UTC 2012
Author: jmm
Date: 2012-07-20 13:47:02 +0000 (Fri, 20 Jul 2012)
New Revision: 2723
Added:
retired/CVE-2011-1747
Removed:
active/CVE-2011-1747
Log:
retire issue
Deleted: active/CVE-2011-1747
===================================================================
--- active/CVE-2011-1747 2012-07-20 13:45:31 UTC (rev 2722)
+++ active/CVE-2011-1747 2012-07-20 13:47:02 UTC (rev 2723)
@@ -1,20 +0,0 @@
-Candidate: CVE-2011-1747
-Description:
- > Another problem in agp code is not addressed in the patch - kernel
- > memory exhaustion (AGPIOC_RESERVE and AGPIOC_ALLOCATE ioctls). It is not
- > checked whether requested pid is a pid of the caller (no check in
- > agpioc_reserve_wrap()).
- > Each allocation is limited to 16KB, though, there is no per-process
- > limit. This might lead to OOM situation, which is not even solved in case of
- > the caller death by OOM killer - the memory is allocated for another
- > (faked) process."
-References:
-Notes:
- jmm> This can only be triggered by root-equivalent privileges
-Bugs:
-upstream: needed "no upstream fix as of 2011.08.08"
-2.6.32-upstream-stable: needed "no upstream fix as of 2011.06.20"
-sid: needed "no upstream fix as of 2011.06.20"
-2.6.26-lenny-security: needed "no upstream fix as of 2011.06.20"
-2.6.32-squeeze-security: needed "no upstream fix as of 2011.06.20"
-3.2-upstream-stable: needed "no upstream fix as of 2011.06.20"
Copied: retired/CVE-2011-1747 (from rev 2722, active/CVE-2011-1747)
===================================================================
--- retired/CVE-2011-1747 (rev 0)
+++ retired/CVE-2011-1747 2012-07-20 13:47:02 UTC (rev 2723)
@@ -0,0 +1,20 @@
+Candidate: CVE-2011-1747
+Description:
+ > Another problem in agp code is not addressed in the patch - kernel
+ > memory exhaustion (AGPIOC_RESERVE and AGPIOC_ALLOCATE ioctls). It is not
+ > checked whether requested pid is a pid of the caller (no check in
+ > agpioc_reserve_wrap()).
+ > Each allocation is limited to 16KB, though, there is no per-process
+ > limit. This might lead to OOM situation, which is not even solved in case of
+ > the caller death by OOM killer - the memory is allocated for another
+ > (faked) process."
+References:
+Notes:
+ jmm> This can only be triggered by root-equivalent privileges
+Bugs:
+upstream: needed "no upstream fix as of 2011.08.08"
+2.6.32-upstream-stable: needed "no upstream fix as of 2011.06.20"
+sid: needed "no upstream fix as of 2011.06.20"
+2.6.26-lenny-security: needed "no upstream fix as of 2011.06.20"
+2.6.32-squeeze-security: needed "no upstream fix as of 2011.06.20"
+3.2-upstream-stable: needed "no upstream fix as of 2011.06.20"
Property changes on: retired/CVE-2011-1747
___________________________________________________________________
Added: svn:mergeinfo
+
More information about the kernel-sec-discuss
mailing list