r4585 - people/horms/patch_notes/cve

Micah Anderson micah at costa.debian.org
Fri Oct 21 17:35:26 UTC 2005 

Author: micah
Date: 2005-10-21 17:35:23 +0000 (Fri, 21 Oct 2005)
New Revision: 4585

Added:
   people/horms/patch_notes/cve/net-rose-ndigis-verify.dpatch
Modified:
   people/horms/patch_notes/cve/sys_get_thread_area-leak.dpatch
Log:
Added net-rose-ndigis-verify.dpatch
Updated sys_get_thread_area-leak.dpatch to note N/A to 2.4


Added: people/horms/patch_notes/cve/net-rose-ndigis-verify.dpatch
===================================================================
--- people/horms/patch_notes/cve/net-rose-ndigis-verify.dpatch	2005-10-21 17:28:41 UTC (rev 4584)
+++ people/horms/patch_notes/cve/net-rose-ndigis-verify.dpatch	2005-10-21 17:35:23 UTC (rev 4585)
@@ -0,0 +1,18 @@
+======================================================
+Candidate: CVE-2005-3273
+URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3273
+Reference:
+CONFIRM:http://linux.bkbits.net:8080/linux-2.6/diffs/net/rose/rose_route.c@1.16?nav=index.html|src/|src/net|src/net/rose|related/net/rose/rose_route.c|cset@1.2009.1.46
+Reference: CONFIRM:http://lkml.org/lkml/2005/5/23/169
+Description:
+ The rose_rt_ioctl function in rose_route.c for ROSE in Linux 2.6
+ kernels prior to 2.6.12 does not properly verify the ndigis argument
+ for a new route, which allows attackers to trigger array out-of-bounds
+ errors with a large number of digipeats.                      
+ 
+Bug: [id, id, ...]
+fixed-upstream: [2.6.12(, version)*]
+2.6.13: (pending [(version)]|released [(version)]|N/A)[, backported][, patch-name-used.diff]
+2.6.12: (pending [(version)]|released [(version)]|N/A)[, backported][, patch-name-used.diff]
+2.6.8-sarge-security: (pending [(2.6.8-16sarge2)]|released [(2.6.8-16sarge1)]|N/A)[, backported][, patch-name-used.diff]
+2.4.27-sarge-security: (N/A)

Modified: people/horms/patch_notes/cve/sys_get_thread_area-leak.dpatch
===================================================================
--- people/horms/patch_notes/cve/sys_get_thread_area-leak.dpatch	2005-10-21 17:28:41 UTC (rev 4584)
+++ people/horms/patch_notes/cve/sys_get_thread_area-leak.dpatch	2005-10-21 17:35:23 UTC (rev 4585)
@@ -13,3 +13,4 @@
 2.6.13: (pending [(version)]|released [(version)]|N/A)[, backported][, patch-name-used.diff]
 2.6.12: (pending [(version)]|released [(version)]|N/A)[, backported][, patch-name-used.diff]
 2.6.8-sarge-security: (pending [(2.6.8-16sarge2)]|released [(2.6.8-16sarge1)]|N/A)[, backported][, patch-name-used.diff]
+2.4.27-sarge-security: (N/A)
\ No newline at end of file

More information about the Kernel-svn-changes mailing list