[Secure-testing-team] CAN-2005-2500 (Was: Re: Bug#322273: [CAN-2005-2456]: XFRM array index buffer overflow)

Horms horms at debian.org
Thu Aug 11 02:52:59 UTC 2005


On Wed, Aug 10, 2005 at 12:04:05PM +0200, Christoph Hellwig wrote:
> On Wed, Aug 10, 2005 at 11:47:12AM +0200, Moritz Muehlenhoff wrote:
> > Horms wrote:
> > > As for which package to log a bug against, or creation of duplicate bugs.
> > > To be honest it doesn't matter. If you email
> > > debian-kernel at lists.debian.org, then you should get a response,
> > > regardless of if you open a bug in the BTS or not.
> > > CCing secure-testing-team at lists.alioth.debian.org if it's a bug in testing
> > > and team at security.debian.org if it's a bug in stable is also a good idea.
> > > 
> > > When we find problems, we just fix them. The BTS is really a bit too
> > > noisy for us to use it to track bugs effectively. Obviously this
> > > is a bit of a problem, but what I am trying to say is adding a bug
> > > to the BTS just emails debian-kernel anyway, and security bugs
> > > sent there are acted on. So my advice is to email the addresses
> > > above, and if you want to open a bug, just open it against any
> > > of the above packages that have the vulnerability.
> > 
> > Hi Horms,
> > there has been a CVE assignment for an overflow in xdr.c, which can be
> > exploited by crafted data in the nfsacl protocol: CAN-2005-2500
> > Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2500
> > for some links to patches. I suspect it is already fixed in kernel-2.6,
> > but 2.6.8 and 2.4.27 might need backports.
> 
> No, nfsacl has only been added very recently and is not present in 2.4.x
> or 2.6.8.

Thanks Christoph,

I have confirmed that this code isn't present in the 2.6.8 or 2.4.27
Debian kernels.

-- 
Horms



