[kernel] r6364 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Mon Apr 3 07:40:12 UTC 2006
Author: jmm-guest
Date: Mon Apr 3 07:40:07 2006
New Revision: 6364
Added:
patch-tracking/CVE-2006-1055
Log:
new local dos
Added: patch-tracking/CVE-2006-1055
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-1055 Mon Apr 3 07:40:07 2006
@@ -0,0 +1,24 @@
+Candidate: CVE-2006-1055
+References:
+Description:
+ Quoting Greg KH:
+ Al just pointed me at an old sysfs patch that went into the tree last
+ year that has some potential security problems. Turns out that if you
+ write to a sysfs file exactly PAGE_SIZE worth of data, with no zeros in
+ it, there's a good chance you could read off the end of the kernel
+ buffer into who knows where.
+Notes:
+ jmm> This was judged non-exploitable by Al Viro, but it's still a local DoS
+ jmm> 2.4 N/A, as it doesn't have sysfs
+Bugs:
+upstream: pending
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security: N/A
+2.4.27: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
More information about the Kernel-svn-changes
mailing list