r4374 - people/micah

Micah Anderson micah at costa.debian.org
Mon Oct 10 16:25:14 UTC 2005


Author: micah
Date: 2005-10-10 16:25:12 +0000 (Mon, 10 Oct 2005)
New Revision: 4374

Modified:
   people/micah/pending_CVE_requests
Log:
progress on pending CVEs 


Modified: people/micah/pending_CVE_requests
===================================================================
--- people/micah/pending_CVE_requests	2005-10-10 16:24:38 UTC (rev 4373)
+++ people/micah/pending_CVE_requests	2005-10-10 16:25:12 UTC (rev 4374)
@@ -53,37 +53,59 @@
 
   * net-ipv4-ipvs-conn_tab-race.dpatch
     [Security] Fix race condition on ip_vs_conn_tab list modification
-M: dannf tracked
+Draft CVE text: 
+A race condition resulting in a potential DoS was discovered in
+ip_vs_conn_flush in Linux 2.?.? on SMP systems. A race condition
+exists involving the lock release and re-aquisition of the list
+iterator loop resulting in the connection pointer to be set to NULL
+and then subsequently dereferenced, resulting in an oops.
+URL: http://lkml.org/lkml/2005/6/23/249
+URL: http://lkml.org/lkml/2005/6/24/173
+TODO: What version of the kernel does this affect? 2.4 also?
 
-  * asm-i386-mem-clobber.dpatch:
+* asm-i386-mem-clobber.dpatch:
+Draft CVE text:
     Make sure netlink_autobind() propagates the error return from
     netlink_insert().  Otherwise, callers will not see the error as they
     should and thus try to operate on a socket with a zero pid, which is very
     bad.
-M: dannf tracked
+URL: http://lkml.org/lkml/2005/6/27/348
+URL: http://linux.bkbits.net:8080/linux-2.6/cset@1.3349?nav=index.html|src/|src/include|src/include/asm-i386|related/include/asm-i386/string.h
+TODO: CVE text
+TODO: Security issue?
+TODO: Fixed in Upstream 2.6.12.2
 
-  * arch-ia64-ptrace-getregs-putregs.dpatch
+
+* arch-ia64-ptrace-getregs-putregs.dpatch
     [Security, ia64] Fix unchecked user-memory accesses in ptrage_getregs()
     and ptrace_setregs.
 M: dannf says this is a pre-requisite for 2005-1761
 
-  [ dann frazier ]
-  * Merge in applicable fixes from 2.6.12.3
-     - [Security] ppc32-time_offset-misuse.dpatch
-M: dannf tracked
+* ppc32-time_offset-misuse.dpatch
+URL: http://www.kernel.org/git/?p=linux/kernel/git/gregkh/linux-2.6.12.y.git;a=commitdiff;h=8f399a7448e0b58eae969426f61b7e81d55d2639
+TODO: CVE text (how is this a security issue?)
 
-  * Merge in applicable fixes from 2.6.12.4
-     - [Security] netfilter-NAT-memory-corruption.dpatch
-M: dannf tracked
+* netfilter-NAT-memory-corruption.dpatch
+TODO: CVE text (how is this a security issue?)
+fixed in 2.6.12.3
+URL: http://linux.bkbits.net:8080/linux-2.6/cset@1.3596.79.34?nav=index.html|src/|src/net|src/net/ipv4|src/net/ipv4/netfilter|related/net/ipv4/netfilter/ip_nat_proto_udp.c
 
-     - [Security] netfilter-ip_conntrack_untracked-refcount.dpatch
-M: dannf tracked
 
-     - [Security] sys_get_thread_area-leak.dpatch
-M: dannf tracked
+* netfilter-ip_conntrack_untracked-refcount.dpatch
+TODO: CVE text (how is this a security issue?)
+URL: http://linux.bkbits.net:8080/linux-2.6/cset@1.3596.79.35?nav=index.html|src/|src/net|src/net/ipv4|src/net/ipv4/netfilter|related/net/ipv4/netfilter/ip_conntrack_core.c
 
-  [ Simon Horman ]
-  * fs_ext2_ext3_xattr-sharing.dpatch
+* sys_get_thread_area-leak.dpatch
+TODO: CVE text
+URL: http://linux.bkbits.net:8080/linux-2.6/cset@1.3700.4.106?nav=index.html|src/|src/arch|src/arch/i386|src/arch/i386/kernel|related/arch/i386/kernel/process.c
+
+* fs_ext2_ext3_xattr-sharing.dpatch
     [Security] Xattr sharing bug
     See http://lists.debian.org/debian-kernel/2005/08/msg00238.html
+URL: http://lists.debian.org/debian-kernel/2005/08/msg00238.html
+URL: http://www.novell.com/linux/security/advisories/2005_18_kernel.html
+URL:
+http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html
+TODO: CVE description (Debian specific?)
 
+
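Review bot: In the asm-i386-mem-clobber.dpatch entry, the new "Draft CVE text:" label sits directly above the existing netlink_autobind()/netlink_insert() description, which matches neither the patch name nor the added URL pointing at include/asm-i386/string.h, and the same entry still carries "TODO: CVE text" and "TODO: Security issue?". Suggest dropping the label until text for the mem-clobber fix exists, and moving or removing the netlink paragraph so it is not submitted as the description for this patch. Other points in this hunk: the removed lines list netfilter-NAT-memory-corruption.dpatch under the 2.6.12.4 merge while the added line says "fixed in 2.6.12.3", so one of the two needs checking; "TODO: Fixed in Upstream 2.6.12.2" reads as a statement rather than a task; the xattr entry repeats the lists.debian.org URL already given in its "See" line and splits the acl.bestbits.at URL across two lines; "re-aquisition" should be "re-acquisition"; and the first entry keeps its two-space indent while the reworked entries lose theirs.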



