[kernel] r5232 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Jan 4 12:52:46 UTC 2006
Author: jmm-guest
Date: Wed Jan 4 12:52:45 2006
New Revision: 5232
Modified:
patch-tracking/CVE-2004-1144
patch-tracking/CVE-2004-2302
Log:
CVE-2004-1144 does not apply to 2.6
Add bugnumber to CVE-2004-2302
Modified: patch-tracking/CVE-2004-1144
==============================================================================
--- patch-tracking/CVE-2004-1144 (original)
+++ patch-tracking/CVE-2004-1144 Wed Jan 4 12:52:45 2006
@@ -10,12 +10,15 @@
Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64
systems allows local users to gain privileges.
Notes:
+ jmm> 2.6 is not affected, see the comment by Andi Kleen from the patch:
+ jmm> # The problem only occurs on 2.4 x86-64 kernels, 2.6 doesn't have this
+ jmm> # hole because some unrelated changes in 2.5 fixed it as a side effect.
Bugs:
upstream:
-linux-2.6:
-2.6.8-sarge-security:
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-9) [138_amd64_syscall_vuln.diff]
-2.6.8:
+2.6.8: N/A
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
Modified: patch-tracking/CVE-2004-2302
==============================================================================
--- patch-tracking/CVE-2004-2302 (original)
+++ patch-tracking/CVE-2004-2302 Wed Jan 4 12:52:45 2006
@@ -10,7 +10,7 @@
kernel before 2.6.10 allows local users to read kernel memory and cause a
denial of service (crash) via large offsets in sysfs files.
Notes:
-Bugs:
+Bugs: 322339
upstream: released (2.6.10)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge1)
More information about the Kernel-svn-changes
mailing list