[kernel] r5062 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Dec 21 11:47:32 UTC 2005
Author: jmm-guest
Date: Wed Dec 21 11:47:31 2005
New Revision: 5062
Added:
patch-tracking/CVE-2005-1368
Log:
another already resolved DoS issue
Added: patch-tracking/CVE-2005-1368
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-1368 Wed Dec 21 11:47:31 2005
@@ -0,0 +1,24 @@
+Candidate: CVE-2005-1368
+References:
+ http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.8
+ http://linux.bkbits.net:8080/linux-2.6/cset%40423078fafVa6mAyny23YZ87hDipmTw
+Description:
+ The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow
+ attackers to cause a denial of service (oops) via SMP.
+Notes:
+ horms> The fix for CAN-2005-1368 is in SVN for 2.6.11.
+ horms> The code that this bug manifests in is not present
+ horms> in 2.6.8 or 2.4.27.
+ jmm> The code in question isn't present in Woody either
+Bugs:
+upstream: released (2.6.11.8)
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.8: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
More information about the Kernel-svn-changes
mailing list