[kernel] r5346 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Sun Jan 8 14:07:45 UTC 2006
Author: jmm-guest
Date: Sun Jan 8 14:07:43 2006
New Revision: 5346
Removed:
patch-tracking/CVE-2004-0984
Modified:
patch-tracking/CVE-2004-0394
patch-tracking/CVE-2004-0554
patch-tracking/CVE-2004-1017
patch-tracking/CVE-2005-4605
Log:
another upstream fix for CVE-2005-4605
CVE-2004-0554 resolved for 2.4.27 and 2.6.8
CVE-2004-0394 resolved for 2.6.8, unfixed in 2.4.27, but I don't
think this is exploitable, marked "needed" anyway
Removed CVE-2004-0984, which was a c&p error
CVE-2004-1017 needs to be fixed for 2.6.8
Modified: patch-tracking/CVE-2004-0394
==============================================================================
--- patch-tracking/CVE-2004-0394 (original)
+++ patch-tracking/CVE-2004-0394 Sun Jan 8 14:07:43 2006
@@ -22,12 +22,15 @@
A "potential" buffer overflow exists in the panic() function in Linux 2.4.x,
although it may not be exploitable due to the functionality of panic.
Notes:
+ jmm> I've verified 2.6.8 to contain the correct vsnprintf() call
+ jmm> For 2.4 it's fixed in 2.4.32, but unfixed in 2.4.27. I'm marking it
+ jmm> needed, although I guess it's not exploitable
Bugs:
upstream:
-linux-2.6:
-2.6.8-sarge-security:
-2.4.27-sarge-security:
-2.6.8:
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: needed
+2.6.8: N/A
2.4.19-woody-security: pending (2.4.19-4.woody3)
2.4.18-woody-security: released (2.4.18-14.4)
2.4.17-woody-security: pending (2.4.17-1woody4)
Modified: patch-tracking/CVE-2004-0554
==============================================================================
--- patch-tracking/CVE-2004-0554 (original)
+++ patch-tracking/CVE-2004-0554 Sun Jan 8 14:07:43 2006
@@ -38,16 +38,18 @@
handler with a certain sequence of fsave and frstor instructions, as
originally demonstrated using a "crash.c" program.
Notes:
+ jmm> I don't know at which version this was merged, but I've verified that
+ jmm> the stock 2.4.27 and 2.6.8 contain the fix
Bugs: 261521
upstream:
-linux-2.6:
-2.6.8-sarge-security:
-2.4.27-sarge-security:
-2.6.8:
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.8: N/A
2.4.19-woody-security: pending (2.4.19-4.woody3)
2.4.18-woody-security: released (2.4.18-14.4)
2.4.17-woody-security: pending (2.4.17-1woody4)
2.4.16-woody-security: pending (2.4.16-1woody3)
2.4.17-woody-security-hppa: pending (32.5)
2.4.17-woody-security-ia64: pending (011226.18)
-2.4.18-woody-security-hppa: pending (62.4)
+2.4.18-woody-security-hppa: pending (62.4)
\ No newline at end of file
Modified: patch-tracking/CVE-2004-1017
==============================================================================
--- patch-tracking/CVE-2004-1017 (original)
+++ patch-tracking/CVE-2004-1017 Sun Jan 8 14:07:43 2006
@@ -10,10 +10,13 @@
Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have
unknown impact and unknown attack vectors.
Notes:
+ jmm> I've checked 2.6.14, but I didn't find the exact upstream version when
+ jmm> this was fixed
+ jmm> The fix is required for 2.6.8
Bugs:
upstream:
-linux-2.6:
-2.6.8-sarge-security:
+linux-2.6: N/A
+2.6.8-sarge-security: needed
2.4.27-sarge-security: released (2.4.27-9) [137_io_edgeport_overflow.diff]
2.6.8:
2.4.19-woody-security: pending (2.4.19-4.woody3)
Modified: patch-tracking/CVE-2005-4605
==============================================================================
--- patch-tracking/CVE-2005-4605 (original)
+++ patch-tracking/CVE-2005-4605 Sun Jan 8 14:07:43 2006
@@ -12,7 +12,7 @@
jmm> 2.4 not affected as proc_file_lseek() contains a check for this
jmm> if (offset>=0 && (unsigned long long)offset<=file->f_dentry->d_inode->i_sb->s_maxbytes) {
Bugs:
-upstream: released (2.6.15)
+upstream: released (2.6.15), released (2.6.14.6)
linux-2.6: released (2.6.15-1)
2.6.8-sarge-security: pending (2.6.8-16sarge2) [proc-legacy-loff-underflow.dpatch]
2.4.27-sarge-security: N/A
More information about the Kernel-svn-changes
mailing list