[kernel] r5004 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Mon Dec 12 09:37:10 UTC 2005
Author: jmm-guest
Date: Mon Dec 12 09:37:08 2005
New Revision: 5004
Added:
patch-tracking/CVE-2005-1369
Log:
i2c sysfs DoS
Added: patch-tracking/CVE-2005-1369
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-1369 Mon Dec 12 09:37:08 2005
@@ -0,0 +1,23 @@
+Candidate: CVE-2005-1369
+References:
+ http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.8
+ http://lkml.org/lkml/2005/4/20/159
+Description:
+ The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8,
+ and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write
+ permissions, which allows local users to cause a denial of service (CPU
+ consumption) by attempting to write to the file, which does not have an
+ associated store function.
+Notes:
+ jmm> These drivers are not present in 2.4
+Bugs: 307552
+upstream: released (2.6.11.8)
+2.6.14: N/A
+2.6.8-sarge-security: pending (2.6.8-16)
+2.4.27-sarge-security: N/A
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
More information about the Kernel-svn-changes
mailing list