[kernel] r5067 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Dec 21 17:28:18 UTC 2005
Author: jmm-guest
Date: Wed Dec 21 17:28:17 2005
New Revision: 5067
Added:
patch-tracking/CVE-2005-0176
Log:
shmctl information leak, I don't know if that has been
adressed yet
Added: patch-tracking/CVE-2005-0176
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-0176 Wed Dec 21 17:28:17 2005
@@ -0,0 +1,23 @@
+Candidate: CVE-2005-0176
+References:
+ http://marc.theaimsgroup.com/?l=full-disclosure&m=110846102231365&w=2
+ http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
+ http://www.redhat.com/support/errata/RHSA-2005-092.html
+ http://oval.mitre.org/oval/definitions/data/oval1225.html
+Description:
+ The shmctl function in Linux 2.6.9 and earlier allows local users to unlock
+ the memory of other processes, which could cause sensitive memory to be swapped
+ to disk, which could allow it to be read by other users once it has been released.
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.6.8:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
More information about the Kernel-svn-changes
mailing list