r4579 - people/horms/patch_notes/cve

Micah Anderson micah at costa.debian.org
Fri Oct 21 16:47:09 UTC 2005


Author: micah
Date: 2005-10-21 16:47:08 +0000 (Fri, 21 Oct 2005)
New Revision: 4579

Added:
   people/horms/patch_notes/cve/sys_get_thread_area-leak.dpatch
Log:
Adding sys_get_thread_area-leak.dpatch, needs more information


Added: people/horms/patch_notes/cve/sys_get_thread_area-leak.dpatch
===================================================================
--- people/horms/patch_notes/cve/sys_get_thread_area-leak.dpatch	2005-10-21 11:18:49 UTC (rev 4578)
+++ people/horms/patch_notes/cve/sys_get_thread_area-leak.dpatch	2005-10-21 16:47:08 UTC (rev 4579)
@@ -0,0 +1,14 @@
+======================================================
+Candidate: CVE-2005-3276
+CONFIRM: http://linux.bkbits.net:8080/linux-2.6/cset@1.3700.4.106?nav=index.html|src/|src/arch|src/arch/i386|src/arch/i386/kernel|related/arch/i386/kernel/process.c
+CONFIRM: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=71ae18ec690953e9ba7107c7cc44589c2cc0d9f1
+REFERENCE: http://lkml.org/lkml/2005/8/3/36
+The sys_get_thread_area function in Linux 2.6 kernels prior to 2.6.12.4 and
+2.6.13 does not entirely clear a user_desc structure before copying it
+to userspace, resulting in a small information leak.
+
+Bug: [id, id, ...]
+fixed-upstream: [2.6.12.4(, version)*]
+2.6.13: (pending [(version)]|released [(version)]|N/A)[, backported][, patch-name-used.diff]
+2.6.12: (pending [(version)]|released [(version)]|N/A)[, backported][, patch-name-used.diff]
+2.6.8-sarge-security: (pending [(version)]|released [(version)]|N/A)[, backported][, patch-name-used.diff]




More information about the Kernel-svn-changes mailing list