[kernel] r6788 - patch-tracking/dsa-texts
Micah Anderson
micah at costa.debian.org
Sat Jun 10 14:44:23 UTC 2006
Author: micah
Date: Sat Jun 10 14:44:22 2006
New Revision: 6788
Modified:
patch-tracking/dsa-texts/2.4.27-sarge3
patch-tracking/dsa-texts/2.6.8-sarge3
Log:
small updates
Modified: patch-tracking/dsa-texts/2.4.27-sarge3
==============================================================================
--- patch-tracking/dsa-texts/2.4.27-sarge3 (original)
+++ patch-tracking/dsa-texts/2.4.27-sarge3 Sat Jun 10 14:44:22 2006
@@ -32,14 +32,14 @@
CVE-2006-0039
"Solar Designer" discovered a race condition in netfilter's
- do_add_counters() function, which allows information disclosure of kernel
- memory by exploiting a race condition. Likewise, it requires CAP_NET_ADMIN
- privileges.
+ do_add_counters() function, which allows information disclosure of
+ kernel memory by exploiting a race condition. Like CVE-2006-0038,
+ it requires CAP_NET_ADMIN privileges.
CVE-2006-0741
Intel EM64T systems were discovered to be susceptible to a local
- DoS due to an endless recursive fault related to a bad elf entry
+ DoS due to an endless recursive fault related to a bad ELF entry
address.
CVE-2006-0742
@@ -125,13 +125,15 @@
CVE-2006-2272
- The "Mu security team" discovered that fragmented SCTP control chunks can
- trigger kernel panics, which allows denial of service.
+ The "Mu security team" discovered that fragmented SCTP control
+ chunks can trigger kernel panics, which allows for denial of
+ service attacks.
CVE-2006-2274
- It was discovered that SCTP packets with two initial bundled data packets
- can lead to infinite recursion, which allows denial of service.
+ It was discovered that SCTP packets with two initial bundled data
+ packets can lead to infinite recursion, which allows for denial of
+ service attacks.
Modified: patch-tracking/dsa-texts/2.6.8-sarge3
==============================================================================
--- patch-tracking/dsa-texts/2.6.8-sarge3 (original)
+++ patch-tracking/dsa-texts/2.6.8-sarge3 Sat Jun 10 14:44:22 2006
@@ -175,13 +175,15 @@
CVE-2006-2272
- The "Mu security team" discovered that fragmented SCTP control chunks can
- trigger kernel panics, which allows denial of service.
+ The "Mu security team" discovered that fragmented SCTP control
+ chunks can trigger kernel panics, which allows for denial of
+ service attacks.
CVE-2006-2274
- It was discovered that SCTP packets with two initial bundled data packets
- can lead to infinite recursion, which allows denial of service.
+ It was discovered that SCTP packets with two initial bundled data
+ packets can lead to infinite recursion, which allows for denial of
+ service attacks.
More information about the Kernel-svn-changes
mailing list