r4336 - people/horms/patch_notes

Simon Horman horms at costa.debian.org
Fri Oct 7 02:27:05 UTC 2005 

Author: horms
Date: 2005-10-07 02:27:04 +0000 (Fri, 07 Oct 2005)
New Revision: 4336

Removed:
   people/horms/patch_notes/newcve-2005-10-06
Modified:
   people/horms/patch_notes/newcve-2005-09-30
Log:
Merged newcve-2005-10-06 from Moritz Muehlenhoff into newcve-2005-09-30 from Joey

Modified: people/horms/patch_notes/newcve-2005-09-30
===================================================================
--- people/horms/patch_notes/newcve-2005-09-30	2005-10-06 21:13:45 UTC (rev 4335)
+++ people/horms/patch_notes/newcve-2005-09-30	2005-10-07 02:27:04 UTC (rev 4336)
@@ -371,8 +371,13 @@
 the architecture, which allows local users to cause a denial of
 service and possibly corrupt data by modifying PTE protections.
 
+Extra information from Moritz Muehlenhof:
+ia64 Montecito CPU do not maintain cache coherency correctly, which can be
+exploited by a local DoS.
+http://linux.bkbits.net:8080/linux-2.6/cset@4248d4019z8HvgrPAji51TKrWiV2uw?nav=index.html|src/|src/mm|related/mm/mprotect.c
 
 
+
 ======================================================
 Candidate: CAN-2005-3106
 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3106
@@ -389,6 +394,11 @@
 to cause a denial of service (deadlock) by triggering a core dump
 while waiting for a thread that has just performed an exec.
 
+Extra information from Moritz Muehlenhof:
+CAN-2005-3106:
+DoS through race condition in processes that share a memory mapping through
+CLONE_VM
+http://linux.bkbits.net:8080/linux-2.6/diffs/fs/exec.c@1.156?nav=index.html|src/|src/fs|hist/fs/exec.c
 
 
 ======================================================
@@ -408,6 +418,10 @@
 of service (deadlock) by forcing a core dump when the traced thread is
 in the TASK_TRACED state.
 
+Extra information from Moritz Muehlenhof:
+Local DoS through threads tracing each other by forcing a core dump, while the traced
+thread is in TASK_TRACED state.
+http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.11-rc1/2.6.11-rc1-mm1/broken-out/fix-coredump_wait-deadlock-with-ptracer-tracee-on-shared-mm.patch
 
 
 ======================================================
@@ -426,6 +440,9 @@
 certain memory map that causes the iounmap to perform a lookup of a
 page that does not exist.
 
+Extra information from Moritz Muehlenhof:
+DoS and potential information leak in ioremap (seemingly specific to amd64)
+http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=93ef70a217637ade3f335303a112b22a134a1ec2 
 
 
 ======================================================
@@ -443,6 +460,9 @@
 cause a denial of service (oops) by using hfsplus to mount a
 filesystem that is not hfsplus.
 
+Extra information from Moritz Muehlenhof:
+Local DoS through oops by mounting a non-HFS+ filesystem as HFS+.
+http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f
 
 
 ======================================================
@@ -461,3 +481,7 @@
 might allow remote attackers to cause a denial of service (crash) via
 a series of packets that cause a value to be modified after it has
 been read but before it has been locked.
+
+Extra information from Moritz Muehlenhof:
+DoS on SMP, potentially 2.4 and 2.6
+http://sourceforge.net/mailarchive/forum.php?thread_id=6800453&forum_id=8572

Deleted: people/horms/patch_notes/newcve-2005-10-06
===================================================================
--- people/horms/patch_notes/newcve-2005-10-06	2005-10-06 21:13:45 UTC (rev 4335)
+++ people/horms/patch_notes/newcve-2005-10-06	2005-10-07 02:27:04 UTC (rev 4336)
@@ -1,32 +0,0 @@
-Hi,
-as usual; to minimize the overhead I'm sending these again by email and not
-through the BTS.
-
-CAN-2005-3110:
-DoS on SMP, potentially 2.4 and 2.6
-http://sourceforge.net/mailarchive/forum.php?thread_id=6800453&forum_id=8572
-
-CAN-2005-3109:
-Local DoS through oops by mounting a non-HFS+ filesystem as HFS+.
-http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f
-
-CAN-2005-3108:
-DoS and potential information leak in ioremap (seemingly specific to amd64)
-http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=93ef70a217637ade3f335303a112b22a134a1ec2 
-
-CAN-2005-3107:
-Local DoS through threads tracing each other by forcing a core dump, while the traced
-thread is in TASK_TRACED state.
-http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.11-rc1/2.6.11-rc1-mm1/broken-out/fix-coredump_wait-deadlock-with-ptracer-tracee-on-shared-mm.patch
-
-CAN-2005-3106:
-DoS through race condition in processes that share a memory mapping through CLONE_VM
-http://linux.bkbits.net:8080/linux-2.6/diffs/fs/exec.c@1.156?nav=index.html|src/|src/fs|hist/fs/exec.c
-
-CAN-2005-3105:
-ia64 Montecito CPU do not maintain cache coherency correctly, which can be exploited by
-a local DoS.
-http://linux.bkbits.net:8080/linux-2.6/cset@4248d4019z8HvgrPAji51TKrWiV2uw?nav=index.html|src/|src/mm|related/mm/mprotect.c
-
-Cheers,
-        Moritz

More information about the Kernel-svn-changes mailing list