diff options
author | dann frazier <dannf@debian.org> | 2006-08-17 04:01:21 +0000 |
---|---|---|
committer | dann frazier <dannf@debian.org> | 2006-08-17 04:01:21 +0000 |
commit | f011f50cc5b65699b9e55c7e54ab9d7050adf932 (patch) | |
tree | 4db6008dfd11286b0fe8b2979da3dce40bf9099d /retired/CVE-2005-0179 | |
parent | 2da7a0ae8b12b0a98811b7ebb63e7a3d125ed205 (diff) |
retire a few issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@555 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2005-0179')
-rw-r--r-- | retired/CVE-2005-0179 | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/retired/CVE-2005-0179 b/retired/CVE-2005-0179 new file mode 100644 index 00000000..323bf2c7 --- /dev/null +++ b/retired/CVE-2005-0179 @@ -0,0 +1,20 @@ +Candidate: CVE-2005-0179 +References: + http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030660.html + http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 + http://www.redhat.com/support/errata/RHSA-2005-092.html +Description: + Linux kernel 2.4.x and 2.6.x allows local users to cause a denial + of service (CPU and memory consumption) and bypass RLIM_MEMLOCK + limits via the mlockall call. +Notes: + jmm> The vulnerable code was only introduced in 2.6.9 + dannf> I believe this is fixed in: + http://linux.bkbits.net:8080/linux-2.6/cset@41e2d63eQyYc3q3MPkKLhEktFoqfUw?nav=index.html|src/|src/mm|related/mm/mmap.c + dannf> and since that was in 2.6.11, i'll mark upstream as such +Bugs: +upstream: released (2.6.11) +linux-2.6.16: N/A +linux-2.6: N/A +2.6.8-sarge-security: N/A +2.4.27-sarge-security: N/A |