[kernel] r6189 - patch-tracking/dsa-texts
Dann Frazier
dannf at costa.debian.org
Tue Mar 14 23:09:58 UTC 2006
Author: dannf
Date: Tue Mar 14 23:09:52 2006
New Revision: 6189
Modified:
patch-tracking/dsa-texts/2.4.27-sarge2
patch-tracking/dsa-texts/2.6.8-sarge2
Log:
some minor rewording, and a correction of the description of CVE-2005-1761
Modified: patch-tracking/dsa-texts/2.4.27-sarge2
==============================================================================
--- patch-tracking/dsa-texts/2.4.27-sarge2 (original)
+++ patch-tracking/dsa-texts/2.4.27-sarge2 Tue Mar 14 23:09:52 2006
@@ -33,7 +33,7 @@
A numeric casting discrepancy in sdla_xfer allows local users to read
portions of kernel memory via a large len argument which is received as an
- int but cast to a short, which prevents a read loop from filling a buffer.
+ int but cast to a short, preventing read loop from filling a buffer.
CVE-2005-0449
@@ -43,15 +43,14 @@
CVE-2005-1761
- The driver for compressed ISO file systems (zisofs) allows local users and
- remote attackers to cause a kernel crash denial of service via a crafted
- compressed ISO file system.
+ A vulnerability in the ptrace subsystem of the IA-64 architecture can
+ allow local attackers to overwrite kernel memory and crash the kernel.
CVE-2005-2457
- Tim Yamin discovered that insufficient input validation in the zisofs driver
- for compressed ISO file systems allows a denial of service attack through
- crafted ISO images.
+ Tim Yamin discovered that insufficient input validation in the compressed
+ ISO file system (zisofs) allows a denial of service attack through
+ maliciously crafted ISO images.
CVE-2005-2555
@@ -94,7 +93,7 @@
CVE-2005-3857
Chris Wright discovered that excessive allocation of broken file lock leases
- in the VFS layer can exhause memory and fill up the system logging, which allows
+ in the VFS layer can exhaust memory and fill up the system logging, which allows
denial of service.
CVE-2005-3858
@@ -104,8 +103,8 @@
CVE-2005-4618
- Yi Ying discovered that sysctl does inproperly enforce the size of a buffer, which
- allows a denial of service attack.
+ Yi Ying discovered that sysctl does not properly enforce the size of a
+ buffer, which allows a denial of service attack.
The following matrix explains which kernel version for which architecture
fix the problems mentioned above:
Modified: patch-tracking/dsa-texts/2.6.8-sarge2
==============================================================================
--- patch-tracking/dsa-texts/2.6.8-sarge2 (original)
+++ patch-tracking/dsa-texts/2.6.8-sarge2 Tue Mar 14 23:09:52 2006
@@ -39,7 +39,7 @@
Tim Yamin discovered that insufficient input validation in the zisofs driver
for compressed ISO file systems allows a denial of service attack through
- crafted ISO images.
+ maliciously crafted ISO images.
CVE-2005-2490
@@ -122,8 +122,8 @@
CVE-2005-3784
- The auto-reaping functionality included ptraced processes, which allows denial
- of service through dangling references.
+ The auto-reaping of childe processes functionality included ptraced-attached
+ processes, which allows denial of service through dangling references.
CVE-2005-3806
@@ -144,7 +144,7 @@
CVE-2005-3857
Chris Wright discovered that excessive allocation of broken file lock leases
- in the VFS layer can exhause memory and fill up the system logging, which allows
+ in the VFS layer can exhaust memory and fill up the system logging, which allows
denial of service.
CVE-2005-3858
@@ -155,11 +155,11 @@
CVE-2005-4605
Karl Janmar discovered that a signedness error in the procfs code can be exploited
- to read kernel memory, which may disclosure sensitive information.
+ to read kernel memory, which may disclose sensitive information.
CVE-2005-4618
- Yi Ying discovered that sysctl does inproperly enforce the size of a buffer, which
+ Yi Ying discovered that sysctl does not properly enforce the size of a buffer, which
allows a denial of service attack.
CVE-2006-0095
@@ -169,13 +169,13 @@
CVE-2006-0096
- It was discovered that the SDLA driver did too lax capability checks for firmware
- upgrades.
+ It was discovered that the SDLA driver's capability checks were too lax
+ for firmware upgrades.
CVE-2006-0482
Ludovic Courtes discovered that get_compat_timespec() performs insufficient input
- sanitising, which allows a local denial of service attack.
+ sanitizing, which allows a local denial of service attack.
CVE-2006-1066
More information about the Kernel-svn-changes
mailing list