r4588 - people/horms/patch_notes/cve

Micah Anderson micah at costa.debian.org
Fri Oct 21 17:58:14 UTC 2005


Author: micah
Date: 2005-10-21 17:58:14 +0000 (Fri, 21 Oct 2005)
New Revision: 4588

Added:
   people/horms/patch_notes/cve/fs-exec-posix-timers-leak-1.dpatch
Log:
Added 2005-3271


Added: people/horms/patch_notes/cve/fs-exec-posix-timers-leak-1.dpatch
===================================================================
--- people/horms/patch_notes/cve/fs-exec-posix-timers-leak-1.dpatch	2005-10-21 17:52:44 UTC (rev 4587)
+++ people/horms/patch_notes/cve/fs-exec-posix-timers-leak-1.dpatch	2005-10-21 17:58:14 UTC (rev 4588)
@@ -0,0 +1,19 @@
+======================================================
+Candidate: CVE-2005-3271
+URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3271
+Reference: MLIST:[linux-kernel] 20040911 [PATCH] exec: fix posix-timers leak and pending signal loss
+Reference: URL:http://www.ussg.iu.edu/hypermail/linux/kernel/0409.1/1107.html
+Reference: CONFIRM:http://linux.bkbits.net:8080/linux-2.6/cset@414b332fsZQvEUsfzKJIo-q2_ZH0hg
+Description:
+ Exec in Linux kernel 2.6 does not properly clear posix-timers in
+ multi-threaded environments, which results in a resource leak and
+ could allow a large number of multiple local users to cause a denial
+ of service by using more posix-timers than specified by the quota for
+ a single user.        
+
+Bug: [id, id, ...]
+fixed-upstream: [2.6.9]
+2.6.13: (N/A)
+2.6.12: (N/A)
+2.6.8-sarge-security: (pending [(2.6.8-16sarge2)]|released [(2.6.8-16sarge1)])[, backported][pre-requisite.dpatch(, pre-requisite.dpatch)*]
+2.4.27-sarge-security: (pending [(version)]|released [(version)]|N/A)[, backported][pre-requisite.dpatch(, pre-requisite.dpatch)*]
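Review bot: The status lines at the end of the new file are still unresolved template text, so the note does not yet say which Debian kernels carry the fix. `Bug: [id, id, ...]` has no bug ids. The `2.6.8-sarge-security` line keeps both alternatives (`pending [(2.6.8-16sarge2)]|released [(2.6.8-16sarge1)]`) along with the optional `[, backported][pre-requisite.dpatch...]` grammar. The `2.4.27-sarge-security` line is the untouched `(pending [(version)]|released [(version)]|N/A)` placeholder. Please pick one state per line and fill in or drop the `Bug:` field. Since `fixed-upstream` is 2.6.9, the 2.6.8 entry needs a definite pending or released version. The description only names kernel 2.6, so the 2.4.27 entry should say explicitly whether that tree is affected. Minor: the last description line, `a single user.`, carries trailing whitespace.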



