r4501 - people/micah

Micah Anderson micah at costa.debian.org
Mon Oct 17 05:02:55 UTC 2005


Author: micah
Date: 2005-10-17 05:02:55 +0000 (Mon, 17 Oct 2005)
New Revision: 4501

Modified:
   people/micah/pending_CVE_requests
Log:
Some updates


Modified: people/micah/pending_CVE_requests
===================================================================
--- people/micah/pending_CVE_requests	2005-10-17 03:20:30 UTC (rev 4500)
+++ people/micah/pending_CVE_requests	2005-10-17 05:02:55 UTC (rev 4501)
@@ -1,3 +1,4 @@
+
 Draft text for CVE:
 A local denial of service was discovered in the ptrace code for ia64 in
 linux-2.6.8 enabling unprivledged users to trigger an oops when
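
Review bot: The blank line added as the new first line of the file, above "Draft text for CVE:", looks unintentional and should be dropped. While touching this entry, "unprivledged" in the draft text should be corrected to "unprivileged" before the request is sent.
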
@@ -115,7 +116,8 @@
 dannf: advantage of this to set time_offset to a value that somehow makes the system oops or something - but
 dannf: since it already checks to see if this is non-zero, I don't think that's likely.
 
-* netfilter-NAT-memory-corruption.dpatch
+* netfilter-NAT-memory-corruption.dpatch (2.6.8)
+* 174_net-ipv4-netfilter-nat-mem.diff (2.4.27)
 fixed in 2.6.12.3
 URL: http://linux.bkbits.net:8080/linux-2.6/cset@1.3596.79.34?nav=index.html|src/|src/net|src/net/ipv4|src/net/ipv4/netfilter|related/net/ipv4/netfilter/ip_nat_proto_udp.c
 TODO: how is this a security issue?
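
Review bot: In the netfilter entry, "fixed in 2.6.12.3" and the linux-2.6 bkbits URL now sit under two patches, one tagged (2.6.8) and one tagged (2.4.27), so the entry no longer says which upstream 2.4 release, if any, carries the fix. Add a separate "fixed in" line for the 2.4 series or mark it as unknown. The unchanged "TODO: how is this a security issue?" also still needs an answer before this entry can become a CVE request.
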
@@ -148,11 +150,23 @@
 URL:
 http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html
 Draft CVE Text:
-The ext2 and ext3 filesystems in Linux 2.6 kernels prior to 2.6.11 may mistake two xattr structures as being
+The ext2 and ext3 filesystems in Linux kernels prior to 2.6.11, may mistake two xattr structures as being
 identical when they differ only by the e_name_index field.  This can lead to a situation where the
 default ACLs on a directory disappear.
+TODO: include 2.4 info -- I am confused because xattr.c doesn't exist in 2.4, asking horms
 
+Draft CVE Text:
+dannf> This is the only one in 2.4.27-10sarge1 I couldn't find a CAN for elsewhere...
+* 184_arch-x86_64-ia32-ptrace32-oops.diff
+URL: http://lkml.org/lkml/2005/1/5/245
+URL: http://linux.bkbits.net:8080/linux-2.4/cset@41dd3455GwQPufrGvBJjcUOXQa3WXA
+Mark Bellon discovered a bug in the ptrace32 code routine on x86_64 Linux 2.4 kernels prior to 2.4.29.
+The find_target routine failed to properly handle the case where find_task_by_pid() returns NULL.  This
+is a potential DoS attack vector as it is possible for local users to cause the kernel to oops.
 
+
+
+
 New patches horms has applied, need to investigate these
 orinoco and drm bugs:
 orinoco-info-leak.patch (in 2.6.13.3)
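
Review bot: Dropping "2.6" from the ext2/ext3 draft makes it read as covering every kernel series before 2.6.11, while the TODO added at the end of the same entry says the 2.4 status is unconfirmed because xattr.c doesn't exist in 2.4. Keep "Linux 2.6 kernels prior to 2.6.11" until horms confirms, and remove the new comma after "2.6.11", which separates the subject from "may mistake". In the relocated ptrace32 entry, "Draft CVE Text:" sits above dannf's remark and the patch name instead of directly above the draft paragraph; moving it to just before "Mark Bellon discovered" would match the layout of the ext2/ext3 entry.
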
@@ -160,10 +174,3 @@
 r4401, r4404, r4405, 4406, 4407 (193_plug-names_cache-memleak.diff)
 r4410, r4411, r4412, r4413, r4414, r4415, r4418
 
-Draft CVE Text:
-dannf> This is the only one in 2.4.27-10sarge1 I couldn't find a CAN for elsewhere...
-* 184_arch-x86_64-ia32-ptrace32-oops.diff
-URL: http://lkml.org/lkml/2005/1/5/245
-Mark Bellon discovered a bug in the ptrace32 code routine on x86_64 Linux 2.4 kernels prior to 2.4.29.
-The find_target routine failed to properly handle the case where find_task_by_pid() returns NULL.  This
-is a potential DoS attack vector as it is possible for local users to cause the kernel to oops.



