r4486 - people/dannf

Dann Frazier dannf at costa.debian.org
Sun Oct 16 22:04:11 UTC 2005 

Author: dannf
Date: 2005-10-16 22:04:11 +0000 (Sun, 16 Oct 2005)
New Revision: 4486

Added:
   people/dannf/2.4.27-10sarge1
Log:
initial commit


Added: people/dannf/2.4.27-10sarge1
===================================================================
--- people/dannf/2.4.27-10sarge1	2005-10-16 22:03:59 UTC (rev 4485)
+++ people/dannf/2.4.27-10sarge1	2005-10-16 22:04:11 UTC (rev 4486)
@@ -0,0 +1,101 @@
+[ Martin Schulze holds the master copy of this now; I'm just using this to track status myself ]
+Packages       : kernel-source-2.4.27
+		 kernel-image-2.4.27-alpha
+		 kernel-image-2.4.27-arm
+		 kernel-image-2.4.27-i386
+		 kernel-image-2.4.27-ia64
+		 kernel-image-2.4.27-m68k
+		 kernel-image-2.4.27-s390
+		 kernel-image-2.4.27-sparc
+		 kernel-patch-2.4.27-mips
+		 kernel-patch-2.4.27-powerpc
+Vulnerability  : multiple
+Problem type   : remote, local, DoS
+Debian-specific: no
+CVE Id(s)      : CAN-XXXX-XXXX CAN-XXXX-XXXX CAN-XXXX-XXXX CAN-XXXX-XXXX
+		 CAN-XXXX-XXXX CAN-XXXX-XXXX CAN-XXXX-XXXX CAN-XXXX-XXXX
+
+Multiple security vulnerabilities have been identified in the Linux 2.4 kernel.
+These vulnerabilities could allow an attacker to execute arbitrary code or
+initiate a denial of service (DoS) attack.
+
+CAN-2005-1768 (167_arch-ia64-x86_64_execve.diff, 171_arch-ia64-x86_64-execve-overflow.diff)
+
+	Race condition in the ia32 compatibility code for the execve system call
+	in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users
+	to cause a denial of service (kernel panic) and possibly execute arbitrary
+	code via a concurrent thread that increments a pointer count after the
+	nargs function has counted the pointers, but before the count is copied
+	from user space to kernel space, which leads to a buffer overflow.
+
+CAN-2005-0757 (168_fs_ext3_64bit_offset.diff)
+
+	The xattr file system code, as backported in Red Hat Enterprise Linux 3
+	on 64-bit systems, does not properly handle certain offsets, which
+	allows local users to cause a denial of service (system crash) via
+	certain actions on an ext3 file system with extended attributes
+	enabled.
+
+CAN-2005-1762 (169_arch-x86_64-kernel-ptrace-canonical-rip-1.diff)
+
+	The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64
+	platform allows local users to cause a denial of service (kernel crash)
+	via a "non-canonical" address.
+
+CAN-2005-0756 (169_arch-x86_64-kernel-ptrace-canonical-rip-2.diff)
+
+	ptrace 2.6.8.1 does not properly verify addresses on the amd64
+	platform, which allows local users to cause a denial of service (kernel
+	crash)
+
+NO-CAN (172_ppc32-time_offset-misuse.diff)
+
+CAN-REQUESTED (174_net-ipv4-netfilter-nat-mem.diff)
+
+CAN-2005-2456 (176_ipsec-array-overflow.diff)
+
+	Array index overflow in the xfrm_sk_policy_insert function in
+	xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of
+	service (oops or deadlock) and possibly execute arbitrary code via a
+	p->dir value that is larger than XFRM_POLICY_OUT, which is used as an
+	index in the sock->sk_policy array.
+
+CAN-2005-0757 (178_fs_ext2_ext3_xattr-sharing.diff)
+
+	The xattr file system code, as backported in Red Hat Enterprise Linux 3
+	on 64-bit systems, does not properly handle certain offsets, which
+	allows local users to cause a denial of service (system crash) via
+	certain actions on an ext3 file system with extended attributes
+	enabled.
+
+CAN-2005-2872 (179_net-ipv4-netfilter-ip_recent-last_pkts.diff)
+
+	The ipt_recent kernel module (ipt_recent.c) in Linux kernel before
+	2.6.12, when running on 64-bit processors such as AMD64, allows remote
+	attackers to cause a denial of service (kernel panic) via certain
+	attacks such as SSH brute force, which leads to memset calls using a
+	length based on the u_int32_t type, acting on an array of unsigned long
+	elements, a different vulnerability than CAN-2005-2873.
+
+CAN-2005-1767 (181_arch-x86_64-kernel-stack-faults.diff)
+
+	traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment
+	faults on an exception stack, which allows local users to cause a
+	denial of service (oops and stack fault exception).
+
+CAN-2005-2458 (182_linux-zlib-fixes.diff)
+
+	inflate.c in the zlib routines in the Linux kernel before 2.6.12.5
+	allows remote attackers to cause a denial of service (kernel crash) via
+	a compressed file with "improper tables".
+
+CAN-2005-2459 (182_linux-zlib-fixes.diff)
+
+	The huft_build function in inflate.c in the zlib routines in the Linux
+	kernel before 2.6.12.5 returns the wrong value, which allows remote
+	attackers to cause a denial of service (kernel crash) via a certain
+	compressed file that leads to a null pointer dereference, a different
+	vulnerability than CAN-2005-2458.
+
+CAN-UNKNOWN (184_arch-x86_64-ia32-ptrace32-oops.diff)
+

More information about the Kernel-svn-changes mailing list