r4590 - people/horms/patch_notes/cve

Micah Anderson micah at costa.debian.org
Fri Oct 21 18:06:45 UTC 2005


Author: micah
Date: 2005-10-21 18:06:44 +0000 (Fri, 21 Oct 2005)
New Revision: 4590

Added:
   people/horms/patch_notes/cve/184_arch-x86_64-ia32-ptrace32-oops.diff
Log:
Patch stub added for CVE-2005-2553


Added: people/horms/patch_notes/cve/184_arch-x86_64-ia32-ptrace32-oops.diff
===================================================================
--- people/horms/patch_notes/cve/184_arch-x86_64-ia32-ptrace32-oops.diff	2005-10-21 18:02:20 UTC (rev 4589)
+++ people/horms/patch_notes/cve/184_arch-x86_64-ia32-ptrace32-oops.diff	2005-10-21 18:06:44 UTC (rev 4590)
@@ -0,0 +1,18 @@
+======================================================
+Candidate: CVE-2005-2553
+URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2553
+Reference: CONFIRM:http://lkml.org/lkml/2005/1/5/245
+Reference: CONFIRM:http://linux.bkbits.net:8080/linux-2.4/cset@41dd3455GwQPufrGvBJjcUOXQa3WXA
+Description:
+ The find_target function in ptrace32.c in the Linux kernel 2.4.x
+ before 2.4.29 does not properly handle a NULL return value from
+ another function, which allows local users to cause a denial of
+ service (kernel crash/oops) by running a 32-bit ltrace program with
+ the -i option on a 64-bit executable program.  
+
+Bug: [id, id, ...]
+fixed-upstream: [2.4.29]
+2.6.13: (N/A)
+2.6.12: (N/A)
+2.6.8-sarge-security: (N/A)
+2.4.27-sarge-security: (pending [(2.4.27-10sarge1)]
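Review bot: the status on the last added line, "2.4.27-sarge-security: (pending [(2.4.27-10sarge1)]", has unbalanced delimiters: the parenthesis opened before "pending" is never closed, and the version is wrapped in both a bracket and a parenthesis. Anything that parses these status fields could misread the entry, so close the outer parenthesis and use a single wrapper around the version. Two smaller points in the same hunk: "Bug: [id, id, ...]" is still the template placeholder and should either carry the real bug numbers or be left empty, and the final Description line ("the -i option on a 64-bit executable program.") ends in trailing whitespace.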



