[kernel] r5423 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Jan 12 13:45:59 UTC 2006
Author: jmm-guest
Date: Thu Jan 12 13:45:58 2006
New Revision: 5423
Added:
patch-tracking/CVE-2005-4351
patch-tracking/CVE-2005-4352
Log:
two new issues in the LSM module for BSD secure levels
Added: patch-tracking/CVE-2005-4351
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-4351 Thu Jan 12 13:45:58 2006
@@ -0,0 +1,22 @@
+Candidate: CVE-2005-4351
+References:
+ http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt
+Description:
+ The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8,
+ DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass
+ immutable settings for files by mounting another filesystem that masks the
+ immutable files while the system is running.
+Notes:
+ jmm> This affects the LSM module for BSD secure levels
+Bugs:
+upstream:
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.4.27:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
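Review bot: every status field from "upstream:" through "2.4.17-woody-security-ia64:" is left empty, so the file does not yet say which trees are affected or pending. Since the jmm> note limits the issue to the LSM module for BSD secure levels, any tree that does not ship that module could be marked as not applicable in this same commit, leaving only the remaining trees open. As a style point, the woody entries are out of order: "2.4.16-woody-security:" is listed after "2.4.17-woody-security:".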
Added: patch-tracking/CVE-2005-4352
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-4352 Thu Jan 12 13:45:58 2006
@@ -0,0 +1,23 @@
+Candidate: CVE-2005-4352
+References:
+ http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt
+Description:
+ The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15
+ and earlier, allows local users to bypass time setting restrictions and set
+ the clock backwards by setting the clock ahead to the maximum unixtime value
+ (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901),
+ which can then be set ahead to the desired time, aka "settimeofday() time wrap."
+Notes:
+ jmm> This affects the LSM module for BSD secure levels
+Bugs:
+upstream:
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.4.27:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
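Review bot: the Notes section is missing a statement on architecture scope. The description's maximum of 19 Jan 2038 is the limit of a signed 32-bit seconds value, yet the tracked trees include "2.4.17-woody-security-ia64:", and nothing here says whether the wrap is expected to apply on that tree. A second jmm> line recording which architectures are believed affected would help whoever fills in the empty status fields, which are blank here just as in the CVE-2005-4351 file.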