[kernel] r5423 - patch-tracking

Moritz Muehlenhoff jmm-guest at costa.debian.org
Thu Jan 12 13:45:59 UTC 2006 

Author: jmm-guest
Date: Thu Jan 12 13:45:58 2006
New Revision: 5423

Added:
   patch-tracking/CVE-2005-4351
   patch-tracking/CVE-2005-4352
Log:
two new issues in the LSM module for BSD secure levels


Added: patch-tracking/CVE-2005-4351
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-4351	Thu Jan 12 13:45:58 2006
@@ -0,0 +1,22 @@
+Candidate: CVE-2005-4351
+References:
+ http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt
+Description: 
+ The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8,
+ DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass
+ immutable settings for files by mounting another filesystem that masks the
+ immutable files while the system is running.
+Notes:
+ jmm> This affects the LSM module for BSD secure levels
+Bugs: 
+upstream: 
+linux-2.6:
+2.6.8-sarge-security: 
+2.4.27-sarge-security: 
+2.4.27:
+2.4.19-woody-security: 
+2.4.18-woody-security: 
+2.4.17-woody-security: 
+2.4.16-woody-security: 
+2.4.17-woody-security-hppa: 
+2.4.17-woody-security-ia64: 

Added: patch-tracking/CVE-2005-4352
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-4352	Thu Jan 12 13:45:58 2006
@@ -0,0 +1,23 @@
+Candidate: CVE-2005-4352
+References: 
+ http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt
+Description: 
+ The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15
+ and earlier, allows local users to bypass time setting restrictions and set
+ the clock backwards by setting the clock ahead to the maximum unixtime value
+ (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901),
+ which can then be set ahead to the desired time, aka "settimeofday() time wrap."
+Notes: 
+ jmm> This affects the LSM module for BSD secure levels
+Bugs: 
+upstream: 
+linux-2.6:
+2.6.8-sarge-security: 
+2.4.27-sarge-security: 
+2.4.27:
+2.4.19-woody-security: 
+2.4.18-woody-security: 
+2.4.17-woody-security: 
+2.4.16-woody-security: 
+2.4.17-woody-security-hppa: 
+2.4.17-woody-security-ia64:

More information about the Kernel-svn-changes mailing list