r4344 - people/horms/patch_notes

[Simon Horman]

Author: horms
Date: 2005-10-07 08:14:01 +0000 (Fri, 07 Oct 2005)
New Revision: 4344

Modified:
   people/horms/patch_notes/newcve-2005-09-30
Log:
Annotate CAN-2005-3055

Modified: people/horms/patch_notes/newcve-2005-09-30
===================================================================
--- people/horms/patch_notes/newcve-2005-09-30	2005-10-07 05:17:28 UTC (rev 4343)
+++ people/horms/patch_notes/newcve-2005-09-30	2005-10-07 08:14:01 UTC (rev 4344)
@@ -352,7 +352,16 @@
 Request Block (URB) to a USB device and terminates before the URB is
 finished, which leads to a stale pointer reference.
 
+Notes Horms:
+http://lkml.org/lkml/2005/9/30/218
+upstream: pending
+2.6.13: vulnerable
+2.6.8-sarge: not applicable
+2.6.8-sarge-security: not applicable
+2.4.27-sid/sarge: not applicable
+2.4.27-sarge-security: not applicable
 
+
 ======================================================
 Candidate: CAN-2005-3105
 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3105
@@ -376,8 +385,12 @@
 exploited by a local DoS.
 http://linux.bkbits.net:8080/linux-2.6/cset@4248d4019z8HvgrPAji51TKrWiV2uw?nav=index.html|src/|src/mm|related/mm/mprotect.c
 
-Notes from Micah:
-this is from 2.6.8-16sarge1: mckinley_icache.dpatch
+Notes from Micah and Horms:
+upstream: fixed
+2.6.8-sarge: in svn: mckinley_icache.dpatch
+2.6.8-sarge-security: fixed in 2.6.8-16sarge1: mckinley_icache.dpatch
+2.4.27-sid/sarge: vulnerable
+2.4.27-sarge-security: vulnerable
 
 
 ======================================================
@@ -402,11 +415,8 @@
 CLONE_VM
 http://linux.bkbits.net:8080/linux-2.6/diffs/fs/exec.c@1.156?nav=index.html|src/|src/fs|hist/fs/exec.c
 
-Notes from Micah:
-This is fixed in 2.6.8-16sarge1 in fs-exec-ptrace-core-exec-race.dpatch
-
 Notes from Micah and Horms:
-upstream: 2.6.11
+upstream: fixed
 2.6.8-sarge: in svn: fs-exec-ptrace-core-exec-race.dpatch
 2.6.8-sarge-security: fixed in 2.6.8-16sarge1: fs-exec-ptrace-core-exec-race.dpatch
 2.4.27-sid/sarge: not implemented