[Secure-testing-team] 2.6.13.4
Horms
horms at debian.org
Tue Oct 11 10:56:30 UTC 2005
On Sun, Oct 09, 2005 at 12:18:54PM +0200, Moritz Muehlenhoff wrote:
> Hi Horms / security team,
> I found three more security related reports/patches on linux-kernel.
Below are my annotations of 2.6.13.4 for all sarge and beyond kernels.
The CONFIG_AUDITSYSCALL one seems to be security,
but we don't have a CVE. Ditto for the orinoco
and drm bugs, but thats already being delt with.
I'm particularly interested in someone checking my backports
of the sparc64 problem (not security).
The attached document currently resides in:
http://svn.debian.org/wsvn/kernel/people/horms/patch_notes/2.6-stable/2.6.13.4?op=file&rev=0&sc=0
--
Horms
-------------- next part --------------
Version: 2.6.13.4
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=tree;f=2.6.13.4
* ieee1394/sbp2: fixes for hot-unplug and module unloading
ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch
Security: No
2.6.13: applied
2.6.12: added to svn; ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch
2.6.8-sarge: added to svn; ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch
2.6.8-sarge-security: not a security fix
2.4.27-sid/sarge: not vulnerable
2.4.27-sarge-security: not vulnerable; not a security fix
* [SECURITY] orinoco: Information leakage due to incorrect padding
orinoco-info-leak.patch
Security: Yes; Should request CVE
2.6.13: applied
2.6.12: added to svn; orinoco-info-leak.patch
2.6.8-sarge: added to svn; backported; orinoco-info-leak.dpatch
2.6.8-sarge-security: added to svn; backported; orinoco-info-leak.dpatch
2.4.27-sid/sarge: added to svn; backported; 192_orinoco-info-leak.diff
2.4.27-sarge-security: added to svn; backported; 192_orinoco-info-leak.diff
* [TCP]: BIC coding bug in Linux 2.6.13
tcp-congestion-control-bug.patch
Security: No
2.6.13: applied
2.6.12: not vulnerable
2.6.8-sarge: not vulnerable
2.6.8-sarge-security: not vulnerable; not a security fix
2.4.27-sid/sarge: not vulnerable
2.4.27-sarge-security: not vulnerable; not a security fix
* [SECURITY] Fix drm 'debug' sysfs permissions
drm-module_param-permissions-fix.patch
Security: Yes; Should request CVE
2.6.13: applied
2.6.12: added to svn; drm-module_param-permissions-fix.patch
2.6.8-sarge: not vulnerable
2.6.8-sarge-security: not vulnerable
2.4.27-sid/sarge: not vulnerable
2.4.27-sarge-security: not vulnerable
* [SPARC64]: Fix userland FPU state corruption.
fix-sparc64-fpu-register-corruption.patch
Security: No
2.6.13: applied
2.6.12: added to svn; backport; fix-sparc64-fpu-register-corruption.patch
2.6.8-sarge: added to svn; backport; fix-sparc64-fpu-register-corruption.dpatch
2.6.8-sarge-security: not a security fix
2.4.27-sid/sarge: not vulnerable
2.4.27-sarge-security: not vulnerable
N.B: Could someone please look at these backports.
They were trivial enough, but I have no way of testing them,
nor do I have a good grasp of sparc assembly.
I know this bug was painful to find, so presumably
a miss-fix would be simmilarly painful. -- Horms
* [SECURITY] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
plug-names_cache-memleak.patch
Security: Yes; Should request CVE
2.6.13: applied
2.6.12: added to svn; backport; plug-names_cache-memleak.dpatch
2.6.8-sarge: added to svn; backport; plug-names_cache-memleak.dpatch
2.6.8-sarge-security: added to svn; backport; plug-names_cache-memleak.dpatch
2.4.27-sid/sarge: added to svn; backport; 193_plug-names_cache-memleak.diff
2.4.27-sarge-security: added to svn; backport; 193_plug-names_cache-memleak.diff
* [SECURITY] key: plug request_key_auth memleak
See CAN-2005-3119
key-rka-memleak.patch
Security: Yes; CAN-2005-3119
2.6.13: applied
2.6.12: not vulnerable
2.6.8-sarge: not vulnerable
2.6.8-sarge-security: not vulnerable
2.4.27-sid/sarge: not vulnerable
2.4.27-sarge-security: not vulnerable
More information about the Secure-testing-team
mailing list