r4476 - people/micah

Dann Frazier dannf at costa.debian.org
Sun Oct 16 15:58:35 UTC 2005


Author: dannf
Date: 2005-10-16 15:58:34 +0000 (Sun, 16 Oct 2005)
New Revision: 4476

Modified:
   people/micah/pending_CVE_requests
Log:
text cleanups

Modified: people/micah/pending_CVE_requests
===================================================================
--- people/micah/pending_CVE_requests	2005-10-16 15:42:36 UTC (rev 4475)
+++ people/micah/pending_CVE_requests	2005-10-16 15:58:34 UTC (rev 4476)
@@ -72,8 +72,8 @@
 Detaching a USB keyboard in Linux 2.6 kernels prior to 2.6.12 may trigger an oops and leave the keyboard
 unusable until a reboot.
 
-  * net-ipv4-ipvs-conn_tab-race.dpatch
-    [Security] Fix race condition on ip_vs_conn_tab list modification
+* net-ipv4-ipvs-conn_tab-race.dpatch
+[Security] Fix race condition on ip_vs_conn_tab list modification
 Draft CVE text: 
 A race condition resulting in a potential DoS was discovered in
 ip_vs_conn_flush in 2.6 kernels earlier than 2.6.13 and 2.4 kernels
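Review bot: The label under the reformatted entry, "Draft CVE text: ", keeps its trailing space and lower-case "text", while the next hunk spells the same label "Draft CVE Text:". Since the log message says text cleanups, pick one spelling for the label across the file and drop the trailing whitespace. The de-indented "* net-ipv4-ipvs-conn_tab-race.dpatch" header is now consistent with the flush-left "* netfilter-ip_conntrack_untracked-refcount.dpatch" entry further down.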
@@ -117,10 +117,10 @@
 TODO: how is this a security issue?
 dannf> I'm not positive it is; but if it is, this description should do.
 Draft CVE Text:
-A potential memory corruption bug exists in the NAT code in Linux 2.6 kernels prior to 2.6.13.  The portptr
-pointing to the port in the conntrack tuple is declared static, which could result in memory corruption when
-two packets of the same protocol are NATed at the same time and one conntrack goes away.  A malicious machine
-on the same network could potentially use this to initiate a DoS attack.
+A potential memory corruption bug exists in the NAT code in Linux kernels prior to 2.6.13 and 2.4.32-rc1.
+The portptr pointing to the port in the conntrack tuple is declared static, which could result in memory
+corruption when two packets of the same protocol are NATed at the same time and one conntrack goes away.  A
+malicious machine on the same network could potentially use this to initiate a DoS attack.
 
 * netfilter-ip_conntrack_untracked-refcount.dpatch
 TODO: CVE text (how is this a security issue?)
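Review bot: In the rewritten first sentence, "Linux kernels prior to 2.6.13 and 2.4.32-rc1" widens the affected range to 2.4 kernels and also reads ambiguously, which goes beyond the "text cleanups" the log message describes. Name the two series separately, as the ip_vs_conn_flush draft does ("2.6 kernels earlier than 2.6.13 and 2.4 kernels ..."), for example "Linux 2.6 kernels prior to 2.6.13 and 2.4 kernels prior to 2.4.32-rc1", and mention the scope change in the log. The "TODO: how is this a security issue?" line above the draft is still open, so the DoS claim in the last sentence remains unconfirmed.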



