[kernel] r5499 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Tue Jan 17 07:01:24 UTC 2006
Author: dannf
Date: Tue Jan 17 07:01:18 2006
New Revision: 5499
Modified:
patch-tracking/CVE-2005-1264
patch-tracking/CVE-2005-1265
patch-tracking/CVE-2005-1761
patch-tracking/CVE-2005-1763
patch-tracking/CVE-2005-1765
patch-tracking/CVE-2005-3109
patch-tracking/CVE-2005-3527
patch-tracking/CVE-2005-4441
Log:
random updates - no new fixes
Modified: patch-tracking/CVE-2005-1264
==============================================================================
--- patch-tracking/CVE-2005-1264 (original)
+++ patch-tracking/CVE-2005-1264 Tue Jan 17 07:01:18 2006
@@ -15,6 +15,7 @@
boundaries by making kernel address space accessible from user space, a
similar vulnerability to CVE-2005-1589.
Notes:
+ dannf> Code is very different in 2.4, don't know if its vulnerable
Bugs:
upstream: released (2.6.11.10)
linux-2.6:
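Review bot: The added Notes line leaves 2.4 as an open question ("don't know if its vulnerable") without saying what was compared. Name the 2.4 file or function that was checked against the 2.6.11.10 fix, so whoever picks this up does not repeat the comparison and the unknown is not later mistaken for N/A.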
Modified: patch-tracking/CVE-2005-1265
==============================================================================
--- patch-tracking/CVE-2005-1265 (original)
+++ patch-tracking/CVE-2005-1265 Tue Jan 17 07:01:18 2006
@@ -6,6 +6,7 @@
to cause a denial of service (kernel crash)
Notes:
jmm> I've pulled the patch by Linus from the above-mentioned Ubuntu advisory
+ dannf> Code is very different in 2.4; dunno if its vulnerable
Bugs:
upstream:
linux-2.6:
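Review bot: "upstream:" is still empty in the context below the new note, even though jmm's note says the patch by Linus was pulled from the Ubuntu advisory. While touching this file, fill in the upstream status if it is known. As with CVE-2005-1264, the 2.4 note would be more useful if it said which 2.4 code was looked at.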
Modified: patch-tracking/CVE-2005-1761
==============================================================================
--- patch-tracking/CVE-2005-1761 (original)
+++ patch-tracking/CVE-2005-1761 Tue Jan 17 07:01:18 2006
@@ -9,6 +9,8 @@
Notes:
jmm> This uses arch-ia64-ptrace-restore_sigcontext.dpatch, correct?
dannf> 2.4 patch for ia64 from SuSE in: CVE-2005-1761-linux24.patch
+ dannf> Unfortunately, its against an older 2.4, so this doesn't apply
+ dannf> trivially
Bugs:
upstream: released (2.6.12.1)
linux-2.6: N/A
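Review bot: The two added lines say the SuSE patch "doesn't apply trivially" but not which 2.4 tree it was tried against or what fails. Record the target version and the failing part of CVE-2005-1761-linux24.patch, so the remaining work is a known backport rather than a fresh investigation.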
Modified: patch-tracking/CVE-2005-1763
==============================================================================
--- patch-tracking/CVE-2005-1763 (original)
+++ patch-tracking/CVE-2005-1763 Tue Jan 17 07:01:18 2006
@@ -5,6 +5,9 @@
Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows
local users to write bytes into kernel memory.
Notes:
+ dannf> The patch we have is only for x86_64. This code was very different
+ dannf> in 2.4, and we don't ship 2.4/amd64, so we can probably drop this one.
+ dannf> The question is, does this affect other 64-bit archs?
Bugs:
upstream: released (2.6.12-rc5)
linux-2.6: N/A
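Review bot: The second added line concludes "we can probably drop this one" while the third still asks whether other 64-bit archs are affected, and the description above says "64-bit architectures", not x86_64 only. Hold the drop until that question is answered, and state in the note which architectures have been ruled out.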
Modified: patch-tracking/CVE-2005-1765
==============================================================================
--- patch-tracking/CVE-2005-1765 (original)
+++ patch-tracking/CVE-2005-1765 Tue Jan 17 07:01:18 2006
@@ -8,15 +8,17 @@
a denial of service (kernel hang) via crafted arguments.
Notes:
jmm> I've extracted the patch from the Ubuntu update (CVE-2005-1765.patch)
+ dannf> This code was very different in 2.4, and we don't ship 2.4/amd64, so
+ I'll mark 2.4 N/A
Bugs:
upstream:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-mm-mmap.dpatch]
-2.4.27-sarge-security:
-2.4.19-woody-security:
-2.4.18-woody-security:
-2.4.17-woody-security:
-2.4.16-woody-security:
-2.4.17-woody-security-hppa:
-2.4.17-woody-security-ia64:
-2.4.18-woody-security-hppa:
+2.4.27-sarge-security: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
+2.4.18-woody-security-hppa: N/A
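Review bot: The N/A values for all eight 2.4 trees rest on the note's "we don't ship 2.4/amd64", which only holds if the bug is x86_64-specific; the hppa and ia64 trees are marked N/A on the same basis. The dpatch name (arch-x86_64-mm-mmap.dpatch) suggests it is, so say so explicitly in the note, since "code was very different in 2.4" on its own was recorded as unknown, not N/A, for CVE-2005-1264 and CVE-2005-1265. The continuation line "I'll mark 2.4 N/A" also lacks the "dannf>" prefix used on continuation lines in the other files.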
Modified: patch-tracking/CVE-2005-3109
==============================================================================
--- patch-tracking/CVE-2005-3109 (original)
+++ patch-tracking/CVE-2005-3109 Tue Jan 17 07:01:18 2006
@@ -16,15 +16,17 @@
Extra information from Moritz Muehlenhof:
Local DoS through oops by mounting a non-HFS+ filesystem as HFS+.
Asking upstream about 2.4: http://lkml.org/lkml/2005/10/7/3/index.html
+ dannf> Looks like, from the above thread, that 2.4 is not affected; marking
+ as such.
upstream: released (2.6.11.12)
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-hfs-oops-and-leak.dpatch]
-2.4.27-sid/sarge:
-2.4.27-sarge-security:
+2.4.27-sid/sarge: N/A
+2.4.27-sarge-security: N/A
linux-2.6: N/A
-2.4.19-woody-security:
-2.4.18-woody-security:
-2.4.17-woody-security:
-2.4.16-woody-security:
-2.4.17-woody-security-hppa:
-2.4.17-woody-security-ia64:
-2.4.18-woody-security-hppa:
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
+2.4.18-woody-security-hppa: N/A
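Review bot: The added note justifies the nine N/A entries with "Looks like, from the above thread", which is a hedge and points at a whole thread. Cite the specific message or quote the sentence from the lkml thread that says 2.4 is not affected, so the N/A can be verified without rereading the thread.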
Modified: patch-tracking/CVE-2005-3527
==============================================================================
--- patch-tracking/CVE-2005-3527 (original)
+++ patch-tracking/CVE-2005-3527 Tue Jan 17 07:01:18 2006
@@ -29,7 +29,7 @@
upstream: released (2.6.14)
linux-2.6: N/A
2.6.8-sarge-security: ignored (2.6.8-16sarge2)
-2.4.27-sarge-security:
+2.4.27-sarge-security: ignored (2.4.27-10sarge2)
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
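Review bot: 2.4.27-sarge-security changes from empty to "ignored (2.4.27-10sarge2)" with no reason visible in this hunk. Add a Notes entry saying why the issue is ignored for 2.4.27 (the 2.6.8-sarge-security line is ignored too), and whether the woody entries left empty below should get the same status.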
Modified: patch-tracking/CVE-2005-4441
==============================================================================
--- patch-tracking/CVE-2005-4441 (original)
+++ patch-tracking/CVE-2005-4441 Tue Jan 17 07:01:18 2006
@@ -1,9 +1,17 @@
Candidate: CVE-2005-4441
References:
- http://www.securityfocus.com/archive/1/archive/1/419831/100/0/threaded
- http://www.securityfocus.com/archive/1/archive/1/419834/100/0/threaded
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040333.html
+ BUGTRAQ:20051219 Making unidirectional VLAN and PVLAN jumping bidirectional
+ URL:http://www.securityfocus.com/archive/1/archive/1/419831/100/0/threaded
+ BUGTRAQ:20051219 Re: Making unidirectional VLAN and PVLAN jumping bidirectional
+ URL:http://www.securityfocus.com/archive/1/archive/1/419834/100/0/threaded
+ FULLDISC:20051219 Making unidirectional VLAN and PVLAN jumping bidirectional
+ URL:http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040333.html
Description:
+ The PVLAN protocol allows remote attackers to bypass network segmentation and
+ spoof PVLAN traffic via a PVLAN message with a target MAC address that is set
+ to a gateway router, which causes the packet to be sent to the router, where
+ the source MAC is modified, aka "Modification of the MAC spoofing PVLAN
+ jumping attack," as demonstrated by pvlan.c.
Notes:
Quoting Horms:
I've taken a quick look at this. I don't think that 1. (VLAN jumping) effects
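Review bot: The added Description covers the PVLAN protocol in general and names no kernel code, so nothing in the new text says what is being tracked for the Debian kernels. Add a line under Notes stating which kernel component is under assessment, unless the Horms quote that follows already does. The relabelled references (BUGTRAQ/FULLDISC plus URL) keep all three original links, which is fine.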