[kernel] r6903 - patch-tracking

[Moritz Muehlenhoff]

Author: jmm-guest
Date: Mon Jun 26 22:02:41 2006
New Revision: 6903

Modified:
   patch-tracking/CVE-2006-1856

Log:
add details to CVE-2006-1856


Modified: patch-tracking/CVE-2006-1856
==============================================================================
--- patch-tracking/CVE-2006-1856	(original)
+++ patch-tracking/CVE-2006-1856	Mon Jun 26 22:02:41 2006
@@ -1,16 +1,16 @@
 Candidate: CVE-2006-1856
 References: 
-Description: 
-Notes: 
+ Certain modifications to the Linux kernel 2.6.16 and earlier do not
+ add the appropriate Linux Security Modules (LSM) file_permission hooks 
+ to the (1) readv and (2) writev functions, which might allow attackers
+ to bypass intended access restrictions.
+Description:
+ http://lists.jammed.com/linux-security-module/2005/09/0019.html
+ http://www.ussg.iu.edu/hypermail/linux/kernel/0604.3/0777.html
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191524
+Notes:
 Bugs: 
 upstream: 
 linux-2.6:
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.4.27:
-2.4.19-woody-security: 
-2.4.18-woody-security: 
-2.4.17-woody-security: 
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: