[kernel] r5499 - patch-tracking

Dann Frazier dannf at costa.debian.org
Tue Jan 17 07:01:24 UTC 2006


Author: dannf
Date: Tue Jan 17 07:01:18 2006
New Revision: 5499

Modified:
   patch-tracking/CVE-2005-1264
   patch-tracking/CVE-2005-1265
   patch-tracking/CVE-2005-1761
   patch-tracking/CVE-2005-1763
   patch-tracking/CVE-2005-1765
   patch-tracking/CVE-2005-3109
   patch-tracking/CVE-2005-3527
   patch-tracking/CVE-2005-4441
Log:
random updates - no new fixes

Modified: patch-tracking/CVE-2005-1264
==============================================================================
--- patch-tracking/CVE-2005-1264	(original)
+++ patch-tracking/CVE-2005-1264	Tue Jan 17 07:01:18 2006
@@ -15,6 +15,7 @@
  boundaries by making kernel address space accessible from user space, a
  similar vulnerability to CVE-2005-1589.
 Notes: 
+ dannf> Code is very different in 2.4, don't know if its vulnerable
 Bugs: 
 upstream: released (2.6.11.10)
 linux-2.6: 
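
Review bot: the added `dannf>` line records that the 2.4 status is unknown, but only as free text under Notes, so nothing in the status fields shows that a decision is still pending. It would help to say which 2.4 tree was compared against the 2.6 fix, and to leave an explicit "undetermined" marker on the 2.4 entries if the tracking format has one, so the open question is not lost.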

Modified: patch-tracking/CVE-2005-1265
==============================================================================
--- patch-tracking/CVE-2005-1265	(original)
+++ patch-tracking/CVE-2005-1265	Tue Jan 17 07:01:18 2006
@@ -6,6 +6,7 @@
  to cause a denial of service (kernel crash)
 Notes: 
  jmm> I've pulled the patch by Linus from the above-mentioned Ubuntu advisory
+ dannf> Code is very different in 2.4; dunno if its vulnerable
 Bugs: 
 upstream: 
 linux-2.6: 
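
Review bot: the added note repeats the open 2.4 question from CVE-2005-1264 with different wording ("dunno" here, "don't know" there); using one phrasing for the same state makes the pending entries easy to find with a single search. Separately, `upstream:` is still empty in the context lines even though the jmm note refers to a patch by Linus, so if the upstream release is known it could be filled in here.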

Modified: patch-tracking/CVE-2005-1761
==============================================================================
--- patch-tracking/CVE-2005-1761	(original)
+++ patch-tracking/CVE-2005-1761	Tue Jan 17 07:01:18 2006
@@ -9,6 +9,8 @@
 Notes: 
  jmm> This uses arch-ia64-ptrace-restore_sigcontext.dpatch, correct?
  dannf> 2.4 patch for ia64 from SuSE in: CVE-2005-1761-linux24.patch
+ dannf> Unfortunately, its against an older 2.4, so this doesn't apply
+ dannf> trivially
 Bugs: 
 upstream: released (2.6.12.1)
 linux-2.6: N/A
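
Review bot: the two added lines say the SuSE patch is "against an older 2.4" and "doesn't apply trivially" without naming that version or the trees it was tried on, so the next person has to repeat the attempt. Suggest recording the base version of CVE-2005-1761-linux24.patch and which 2.4 targets need a backport. Style point: the continuation repeats the `dannf>` prefix, while the notes added to CVE-2005-1765 and CVE-2005-3109 in this same commit use an indented continuation line; one convention would be easier to parse.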

Modified: patch-tracking/CVE-2005-1763
==============================================================================
--- patch-tracking/CVE-2005-1763	(original)
+++ patch-tracking/CVE-2005-1763	Tue Jan 17 07:01:18 2006
@@ -5,6 +5,9 @@
  Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows
  local users to write bytes into kernel memory.
 Notes: 
+ dannf> The patch we have is only for x86_64.  This code was very different
+ dannf> in 2.4, and we don't ship 2.4/amd64, so we can probably drop this one.
+ dannf> The question is, does this affect other 64-bit archs?
 Bugs: 
 upstream: released (2.6.12-rc5)
 linux-2.6: N/A
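
Review bot: "we can probably drop this one" in the second added line comes before the question in the third line, "does this affect other 64-bit archs?", has been answered. The description in the context lines says "64-bit architectures" generally, and not shipping 2.4/amd64 only settles x86_64. Suggest keeping the entry open and wording the note so that dropping it is conditional on that answer.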

Modified: patch-tracking/CVE-2005-1765
==============================================================================
--- patch-tracking/CVE-2005-1765	(original)
+++ patch-tracking/CVE-2005-1765	Tue Jan 17 07:01:18 2006
@@ -8,15 +8,17 @@
  a denial of service (kernel hang) via crafted arguments.
 Notes: 
  jmm> I've extracted the patch from the Ubuntu update (CVE-2005-1765.patch)
+ dannf> This code was very different in 2.4, and we don't ship 2.4/amd64, so
+        I'll mark 2.4 N/A
 Bugs: 
 upstream: 
 linux-2.6: 
 2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-mm-mmap.dpatch]
-2.4.27-sarge-security: 
-2.4.19-woody-security: 
-2.4.18-woody-security: 
-2.4.17-woody-security: 
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: 
-2.4.18-woody-security-hppa: 
+2.4.27-sarge-security: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
+2.4.18-woody-security-hppa: N/A
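
Review bot: the added note justifies N/A with "we don't ship 2.4/amd64", but the rows being set to N/A include `2.4.17-woody-security-hppa`, `2.4.17-woody-security-ia64` and `2.4.18-woody-security-hppa`, which that reason does not cover. If the issue is x86_64-only, as the dpatch name `arch-x86_64-mm-mmap.dpatch` suggests, say so in the note so the N/A on the hppa and ia64 rows is explained. `upstream:` is also still blank.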

Modified: patch-tracking/CVE-2005-3109
==============================================================================
--- patch-tracking/CVE-2005-3109	(original)
+++ patch-tracking/CVE-2005-3109	Tue Jan 17 07:01:18 2006
@@ -16,15 +16,17 @@
  Extra information from Moritz Muehlenhof:
  Local DoS through oops by mounting a non-HFS+ filesystem as HFS+.
  Asking upstream about 2.4: http://lkml.org/lkml/2005/10/7/3/index.html
+ dannf> Looks like, from the above thread, that 2.4 is not affected; marking
+        as such.
 upstream: released (2.6.11.12)
 2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-hfs-oops-and-leak.dpatch]
-2.4.27-sid/sarge: 
-2.4.27-sarge-security: 
+2.4.27-sid/sarge: N/A
+2.4.27-sarge-security: N/A
 linux-2.6: N/A
-2.4.19-woody-security: 
-2.4.18-woody-security: 
-2.4.17-woody-security: 
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: 
-2.4.18-woody-security-hppa: 
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
+2.4.18-woody-security-hppa: N/A
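
Review bot: every 2.4 row is flipped to N/A on the strength of "Looks like, from the above thread, that 2.4 is not affected", which is tentative and points at an external link. Suggest quoting the deciding statement from the lkml thread, or naming who confirmed it, in the note itself so the N/A can be audited without the thread being reachable.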

Modified: patch-tracking/CVE-2005-3527
==============================================================================
--- patch-tracking/CVE-2005-3527	(original)
+++ patch-tracking/CVE-2005-3527	Tue Jan 17 07:01:18 2006
@@ -29,7 +29,7 @@
 upstream: released (2.6.14)
 linux-2.6: N/A
 2.6.8-sarge-security: ignored (2.6.8-16sarge2)
-2.4.27-sarge-security: 
+2.4.27-sarge-security: ignored (2.4.27-10sarge2)
 2.4.19-woody-security: 
 2.4.18-woody-security: 
 2.4.17-woody-security: 
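
Review bot: `2.4.27-sarge-security` is changed to `ignored (2.4.27-10sarge2)` with no reason added in this hunk, and the woody rows directly below stay blank. If the reasoning behind the existing `2.6.8-sarge-security: ignored (2.6.8-16sarge2)` line applies to 2.4 as well, a one-line note saying so would help, and the woody rows could be settled the same way or explicitly left pending.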

Modified: patch-tracking/CVE-2005-4441
==============================================================================
--- patch-tracking/CVE-2005-4441	(original)
+++ patch-tracking/CVE-2005-4441	Tue Jan 17 07:01:18 2006
@@ -1,9 +1,17 @@
 Candidate: CVE-2005-4441
 References: 
- http://www.securityfocus.com/archive/1/archive/1/419831/100/0/threaded
- http://www.securityfocus.com/archive/1/archive/1/419834/100/0/threaded
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040333.html
+ BUGTRAQ:20051219 Making unidirectional VLAN and PVLAN jumping bidirectional
+ URL:http://www.securityfocus.com/archive/1/archive/1/419831/100/0/threaded
+ BUGTRAQ:20051219 Re: Making unidirectional VLAN and PVLAN jumping bidirectional
+ URL:http://www.securityfocus.com/archive/1/archive/1/419834/100/0/threaded
+ FULLDISC:20051219 Making unidirectional VLAN and PVLAN jumping bidirectional
+ URL:http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040333.html
 Description: 
+ The PVLAN protocol allows remote attackers to bypass network segmentation and
+ spoof PVLAN traffic via a PVLAN message with a target MAC address that is set
+ to a gateway router, which causes the packet to be sent to the router, where
+ the source MAC is modified, aka "Modification of the MAC spoofing PVLAN
+ jumping attack," as demonstrated by pvlan.c.
 Notes: 
  Quoting Horms:
  I've taken a quick look at this. I don't think that 1. (VLAN jumping) effects


