completed first draft of issue descriptions

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2325 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 98 insertions, 1 deletions

diff --git a/dsa-texts/2.6.32-34squeeze1 b/dsa-texts/2.6.32-34squeeze1
index cc3304cb..9f0be9f1 100644
--- a/dsa-texts/2.6.32-34squeeze1
+++ b/dsa-texts/2.6.32-34squeeze1
@@ -126,24 +126,121 @@ CVE-2011-1182
 
 CVE-2011-1476
 
-    Dan Rosenberg reported an issue in the 
+    Dan Rosenberg reported issues in the Open Sound System MIDI interface that
+    allow local users to cause a denial of service. This issue does not affect
+    official Debian Linux packages as they no longer provide support for OSS.
+    However, custom kernels built from Debians linux-source-2.6.32 may have
+    enabled this configuration and would therefore be vulnerable.
+
 CVE-2011-1477
+
+    Dan Rosenberg reported issues in the Open Sound System driver for cards
+    that include a Yamaha FM synthesizer chip. Local users can cause memory
+    corruption resulting in a denial of service. This issue does not affect
+    official Debian Linux packages as they no longer provide support for OSS.
+    However, custom kernels built from Debians linux-source-2.6.32 may have
+    enabled this configuration and would therefore be vulnerable.
+
 CVE-2011-1478
+
+    Ryan Sweat reported an issue in the Generic Receive Offload (GRO) support
+    in the Linux networking subsystem. If an interface has GRO enabled and
+    is running in permiscuous mode, remote users can cause a denial of
+    service (NULL pointer dereference) by sending packets on an unknown
+    VLAN.
+
 CVE-2011-1493
+
+    Dan Rosenburg reported two issues in the Linux implementation of the Amateur
+    Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of service
+    by providing specially crafted facilities fields.
+
 CVE-2011-1494
+
+    Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided
+    by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can
+    obtain elevated privileges by specially crafted ioctl calls. On default
+    Debian installations this is not exploitable as this interface is only
+    accessible to root.
+
 CVE-2011-1495
+
+    Dan Rosenberg reported two issues in the /dev/mpt2ctl interface provided
+    by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can
+    obtain elevated privileges and ready arbitrary kernel memory by using
+    specially crafted ioctl calls. On default Debian installations this
+    is not exploitable as this interface is only accessible to root.
+
 CVE-2011-1585
+
+    Jeff Layton reported an issue in the Common Internet File System (CIFS).
+    Local users can bypass authentication requirements for shares that are
+    already mounted by another user.
+
 CVE-2011-1593
+
+    Robert Swiecki reported a signednes issue in the next_pidmap() function,
+    which can be exploited my local users to cause a denial of service.
+
 CVE-2011-1598
+
+    Dave Jones reported an issue in the Broadcast Manager Controller Area
+    Network (CAN/BCM) protocol that may allow local users to cause a NULL
+    pointer dereference, resulting in a denial of service.
+
 CVE-2011-1745
+
+    Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
+    Local users can obtain elevated privileges or cause a denial of service
+    due to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian
+    installations, this is exploitable only by users in the video group.
+
 CVE-2011-1746
+
+    Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
+    Local users can obtain elevated privileges or cause a denial of service
+    due to missing bounds checking in the agp_allocate_memory and
+    agp_create_user_memory. On default Debian installations, this is
+    exploitable only by users in the video group.
+
 CVE-2011-1748
+
+    Oliver Kartkopp reported an issue in the Controller Area Network (CAN)
+    raw socket implementation which permits ocal users to cause a NULL
+    pointer dereference, resulting in a denial of service.
+    
 CVE-2011-1759
+
+    Dan Rosenberg reported an issue in the support for executing "old ABI"
+    binaries on ARM processors. Local users can obtain elevated privileges
+    due to insufficient bounds checking in the semtimedop system call.
+
 CVE-2011-1767
+
+    Alexecy Dobriyan reported an issue in the GRE over IP implementation.
+    Remote users can cause a denial of service by sending a packet during
+    module initialization.
+
 CVE-2011-1770
+
+    Dan Rosenberg reported an issue in the Datagram Congestion Control Protocol
+    (DCCP). Remote users can cause a denial of service or potentially obtain
+    access to sensitive kernel memory.
+
 CVE-2011-1776
+
+    Timo Warns reported an issue in the Linux implementation for GUID
+    partitions. Users with physical access can gain access to sensitive
+    kernel memory by adding a storage device with a specially crafted
+    corrupted invalid partition table.
+
 CVE-2011-2022
 
+    Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
+    Local users can obtain elevated privileges or cause a denial of service
+    due to missing bounds checking in the AGPIOC_UNBIND ioctl. On default
+    Debian installations, this is exploitable only by users in the video group.
+
 This update also includes fixes a regression introduced by a previous
 update. See the referenced Debian bug page for details.