[kernel] r4868 - patch-tracking

[Dann Frazier]

Author: dannf
Date: Tue Nov 22 15:49:07 2005
New Revision: 4868

Added:
   patch-tracking/CVE-2005-2100
      - copied, changed from r4853, patch-tracking/00boilerplate
   patch-tracking/CVE-2005-2708
      - copied, changed from r4853, patch-tracking/00boilerplate
Log:
a couple new issues from moritz

Copied: patch-tracking/CVE-2005-2100 (from r4853, patch-tracking/00boilerplate)
==============================================================================
--- patch-tracking/00boilerplate	(original)
+++ patch-tracking/CVE-2005-2100	Tue Nov 22 15:49:07 2005
@@ -1,6 +1,12 @@
-Candidate: 
+Candidate: CVE-2005-2100
 References: 
+ CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=165547
+ REDHAT:RHSA-2005:514
+ URL:http://www.redhat.com/support/errata/RHSA-2005-514.html
 Description: 
+ The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in
+ Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows
+ local users to cause a denial of service (crash).
 Notes: 
 Bugs: 
 upstream: 

Copied: patch-tracking/CVE-2005-2708 (from r4853, patch-tracking/00boilerplate)
==============================================================================
--- patch-tracking/00boilerplate	(original)
+++ patch-tracking/CVE-2005-2708	Tue Nov 22 15:49:07 2005
@@ -1,6 +1,11 @@
-Candidate: 
+Candidate: CVE-2005-2708
 References: 
+ CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161925
 Description: 
+ The search_binary_handler function in exec.c in Linux kernel on 64-bit x86
+ architectures does not check a return code for a particular function call when
+ virtual memory is low, which allows local users to cause a denial of service
+ (panic), as demonstrated by running a process using the bash ulimit -v command.
 Notes: 
 Bugs: 
 upstream: