r4336 - people/horms/patch_notes
Simon Horman
horms at costa.debian.org
Fri Oct 7 02:27:05 UTC 2005
Author: horms
Date: 2005-10-07 02:27:04 +0000 (Fri, 07 Oct 2005)
New Revision: 4336
Removed:
people/horms/patch_notes/newcve-2005-10-06
Modified:
people/horms/patch_notes/newcve-2005-09-30
Log:
Merged newcve-2005-10-06 from Moritz Muehlenhoff into newcve-2005-09-30 from Joey
Modified: people/horms/patch_notes/newcve-2005-09-30
===================================================================
--- people/horms/patch_notes/newcve-2005-09-30 2005-10-06 21:13:45 UTC (rev 4335)
+++ people/horms/patch_notes/newcve-2005-09-30 2005-10-07 02:27:04 UTC (rev 4336)
@@ -371,8 +371,13 @@
the architecture, which allows local users to cause a denial of
service and possibly corrupt data by modifying PTE protections.
+Extra information from Moritz Muehlenhof:
+ia64 Montecito CPU do not maintain cache coherency correctly, which can be
+exploited by a local DoS.
+http://linux.bkbits.net:8080/linux-2.6/cset@4248d4019z8HvgrPAji51TKrWiV2uw?nav=index.html|src/|src/mm|related/mm/mprotect.c
+
======================================================
Candidate: CAN-2005-3106
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3106
@@ -389,6 +394,11 @@
to cause a denial of service (deadlock) by triggering a core dump
while waiting for a thread that has just performed an exec.
+Extra information from Moritz Muehlenhof:
+CAN-2005-3106:
+DoS through race condition in processes that share a memory mapping through
+CLONE_VM
+http://linux.bkbits.net:8080/linux-2.6/diffs/fs/exec.c@1.156?nav=index.html|src/|src/fs|hist/fs/exec.c
======================================================
@@ -408,6 +418,10 @@
of service (deadlock) by forcing a core dump when the traced thread is
in the TASK_TRACED state.
+Extra information from Moritz Muehlenhof:
+Local DoS through threads tracing each other by forcing a core dump, while the traced
+thread is in TASK_TRACED state.
+http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.11-rc1/2.6.11-rc1-mm1/broken-out/fix-coredump_wait-deadlock-with-ptracer-tracee-on-shared-mm.patch
======================================================
@@ -426,6 +440,9 @@
certain memory map that causes the iounmap to perform a lookup of a
page that does not exist.
+Extra information from Moritz Muehlenhof:
+DoS and potential information leak in ioremap (seemingly specific to amd64)
+http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=93ef70a217637ade3f335303a112b22a134a1ec2
======================================================
@@ -443,6 +460,9 @@
cause a denial of service (oops) by using hfsplus to mount a
filesystem that is not hfsplus.
+Extra information from Moritz Muehlenhof:
+Local DoS through oops by mounting a non-HFS+ filesystem as HFS+.
+http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f
======================================================
@@ -461,3 +481,7 @@
might allow remote attackers to cause a denial of service (crash) via
a series of packets that cause a value to be modified after it has
been read but before it has been locked.
+
+Extra information from Moritz Muehlenhof:
+DoS on SMP, potentially 2.4 and 2.6
+http://sourceforge.net/mailarchive/forum.php?thread_id=6800453&forum_id=8572
Deleted: people/horms/patch_notes/newcve-2005-10-06
===================================================================
--- people/horms/patch_notes/newcve-2005-10-06 2005-10-06 21:13:45 UTC (rev 4335)
+++ people/horms/patch_notes/newcve-2005-10-06 2005-10-07 02:27:04 UTC (rev 4336)
@@ -1,32 +0,0 @@
-Hi,
-as usual; to minimize the overhead I'm sending these again by email and not
-through the BTS.
-
-CAN-2005-3110:
-DoS on SMP, potentially 2.4 and 2.6
-http://sourceforge.net/mailarchive/forum.php?thread_id=6800453&forum_id=8572
-
-CAN-2005-3109:
-Local DoS through oops by mounting a non-HFS+ filesystem as HFS+.
-http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f
-
-CAN-2005-3108:
-DoS and potential information leak in ioremap (seemingly specific to amd64)
-http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=93ef70a217637ade3f335303a112b22a134a1ec2
-
-CAN-2005-3107:
-Local DoS through threads tracing each other by forcing a core dump, while the traced
-thread is in TASK_TRACED state.
-http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.11-rc1/2.6.11-rc1-mm1/broken-out/fix-coredump_wait-deadlock-with-ptracer-tracee-on-shared-mm.patch
-
-CAN-2005-3106:
-DoS through race condition in processes that share a memory mapping through CLONE_VM
-http://linux.bkbits.net:8080/linux-2.6/diffs/fs/exec.c@1.156?nav=index.html|src/|src/fs|hist/fs/exec.c
-
-CAN-2005-3105:
-ia64 Montecito CPU do not maintain cache coherency correctly, which can be exploited by
-a local DoS.
-http://linux.bkbits.net:8080/linux-2.6/cset@4248d4019z8HvgrPAji51TKrWiV2uw?nav=index.html|src/|src/mm|related/mm/mprotect.c
-
-Cheers,
- Moritz
More information about the Kernel-svn-changes
mailing list