retire a few issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@555 e094ebfe-e918-0410-adfb-c712417f3574
author: dann frazier <dannf@debian.org> 2006-08-17 04:01:21 +0000
committer: dann frazier <dannf@debian.org> 2006-08-17 04:01:21 +0000
commit: f011f50cc5b65699b9e55c7e54ab9d7050adf932 (patch)
tree: 4db6008dfd11286b0fe8b2979da3dce40bf9099d /retired/CVE-2005-0179
parent: 2da7a0ae8b12b0a98811b7ebb63e7a3d125ed205 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/retired/CVE-2005-0179 b/retired/CVE-2005-0179
new file mode 100644
index 00000000..323bf2c7
--- /dev/null
+++ b/retired/CVE-2005-0179
@@ -0,0 +1,20 @@
+Candidate: CVE-2005-0179
+References: 
+ http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030660.html
+ http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
+ http://www.redhat.com/support/errata/RHSA-2005-092.html
+Description: 
+ Linux kernel 2.4.x and 2.6.x allows local users to cause a denial
+ of service (CPU and memory  consumption) and bypass RLIM_MEMLOCK
+ limits via the mlockall call.
+Notes: 
+ jmm> The vulnerable code was only introduced in 2.6.9
+ dannf> I believe this is fixed in:
+  http://linux.bkbits.net:8080/linux-2.6/cset@41e2d63eQyYc3q3MPkKLhEktFoqfUw?nav=index.html|src/|src/mm|related/mm/mmap.c
+ dannf> and since that was in 2.6.11, i'll mark upstream as such
+Bugs: 
+upstream: released (2.6.11)
+linux-2.6.16: N/A
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
author	dann frazier <dannf@debian.org>	2006-08-17 04:01:21 +0000
committer	dann frazier <dannf@debian.org>	2006-08-17 04:01:21 +0000
commit	f011f50cc5b65699b9e55c7e54ab9d7050adf932 (patch)
tree	4db6008dfd11286b0fe8b2979da3dce40bf9099d /retired/CVE-2005-0179
parent	2da7a0ae8b12b0a98811b7ebb63e7a3d125ed205 (diff)