r4486 - people/dannf
Dann Frazier
dannf at costa.debian.org
Sun Oct 16 22:04:11 UTC 2005
Author: dannf
Date: 2005-10-16 22:04:11 +0000 (Sun, 16 Oct 2005)
New Revision: 4486
Added:
people/dannf/2.4.27-10sarge1
Log:
initial commit
Added: people/dannf/2.4.27-10sarge1
===================================================================
--- people/dannf/2.4.27-10sarge1 2005-10-16 22:03:59 UTC (rev 4485)
+++ people/dannf/2.4.27-10sarge1 2005-10-16 22:04:11 UTC (rev 4486)
@@ -0,0 +1,101 @@
+[ Martin Schulze holds the master copy of this now; I'm just using this to track status myself ]
+Packages : kernel-source-2.4.27
+ kernel-image-2.4.27-alpha
+ kernel-image-2.4.27-arm
+ kernel-image-2.4.27-i386
+ kernel-image-2.4.27-ia64
+ kernel-image-2.4.27-m68k
+ kernel-image-2.4.27-s390
+ kernel-image-2.4.27-sparc
+ kernel-patch-2.4.27-mips
+ kernel-patch-2.4.27-powerpc
+Vulnerability : multiple
+Problem type : remote, local, DoS
+Debian-specific: no
+CVE Id(s) : CAN-XXXX-XXXX CAN-XXXX-XXXX CAN-XXXX-XXXX CAN-XXXX-XXXX
+ CAN-XXXX-XXXX CAN-XXXX-XXXX CAN-XXXX-XXXX CAN-XXXX-XXXX
+
+Multiple security vulnerabilities have been identified in the Linux 2.4 kernel.
+These vulnerabilities could allow an attacker to execute arbitrary code or
+initiate a denial of service (DoS) attack.
+
+CAN-2005-1768 (167_arch-ia64-x86_64_execve.diff, 171_arch-ia64-x86_64-execve-overflow.diff)
+
+ Race condition in the ia32 compatibility code for the execve system call
+ in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users
+ to cause a denial of service (kernel panic) and possibly execute arbitrary
+ code via a concurrent thread that increments a pointer count after the
+ nargs function has counted the pointers, but before the count is copied
+ from user space to kernel space, which leads to a buffer overflow.
+
+CAN-2005-0757 (168_fs_ext3_64bit_offset.diff)
+
+ The xattr file system code, as backported in Red Hat Enterprise Linux 3
+ on 64-bit systems, does not properly handle certain offsets, which
+ allows local users to cause a denial of service (system crash) via
+ certain actions on an ext3 file system with extended attributes
+ enabled.
+
+CAN-2005-1762 (169_arch-x86_64-kernel-ptrace-canonical-rip-1.diff)
+
+ The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64
+ platform allows local users to cause a denial of service (kernel crash)
+ via a "non-canonical" address.
+
+CAN-2005-0756 (169_arch-x86_64-kernel-ptrace-canonical-rip-2.diff)
+
+ ptrace 2.6.8.1 does not properly verify addresses on the amd64
+ platform, which allows local users to cause a denial of service (kernel
+ crash)
+
+NO-CAN (172_ppc32-time_offset-misuse.diff)
+
+CAN-REQUESTED (174_net-ipv4-netfilter-nat-mem.diff)
+
+CAN-2005-2456 (176_ipsec-array-overflow.diff)
+
+ Array index overflow in the xfrm_sk_policy_insert function in
+ xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of
+ service (oops or deadlock) and possibly execute arbitrary code via a
+ p->dir value that is larger than XFRM_POLICY_OUT, which is used as an
+ index in the sock->sk_policy array.
+
+CAN-2005-0757 (178_fs_ext2_ext3_xattr-sharing.diff)
+
+ The xattr file system code, as backported in Red Hat Enterprise Linux 3
+ on 64-bit systems, does not properly handle certain offsets, which
+ allows local users to cause a denial of service (system crash) via
+ certain actions on an ext3 file system with extended attributes
+ enabled.
+
+CAN-2005-2872 (179_net-ipv4-netfilter-ip_recent-last_pkts.diff)
+
+ The ipt_recent kernel module (ipt_recent.c) in Linux kernel before
+ 2.6.12, when running on 64-bit processors such as AMD64, allows remote
+ attackers to cause a denial of service (kernel panic) via certain
+ attacks such as SSH brute force, which leads to memset calls using a
+ length based on the u_int32_t type, acting on an array of unsigned long
+ elements, a different vulnerability than CAN-2005-2873.
+
+CAN-2005-1767 (181_arch-x86_64-kernel-stack-faults.diff)
+
+ traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment
+ faults on an exception stack, which allows local users to cause a
+ denial of service (oops and stack fault exception).
+
+CAN-2005-2458 (182_linux-zlib-fixes.diff)
+
+ inflate.c in the zlib routines in the Linux kernel before 2.6.12.5
+ allows remote attackers to cause a denial of service (kernel crash) via
+ a compressed file with "improper tables".
+
+CAN-2005-2459 (182_linux-zlib-fixes.diff)
+
+ The huft_build function in inflate.c in the zlib routines in the Linux
+ kernel before 2.6.12.5 returns the wrong value, which allows remote
+ attackers to cause a denial of service (kernel crash) via a certain
+ compressed file that leads to a null pointer dereference, a different
+ vulnerability than CAN-2005-2458.
+
+CAN-UNKNOWN (184_arch-x86_64-ia32-ptrace32-oops.diff)
+
More information about the Kernel-svn-changes
mailing list