diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2007-10-05 10:57:14 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2007-10-05 10:57:14 +0000 |
| commit | 4cea91d7d0df3ed16fce4559fa29ddd55461f0ca (patch) | |
| tree | b4450bcd8ae24dc511cf6ba1e9eb597e95274b30 /retired/CVE-2005-0504 | |
| parent | 8a99f3a6581f38051a77744db2baf2f5d91d3a0c (diff) | |
retire issue
record upstream fixes
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@993 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2005-0504')
| -rw-r--r-- | retired/CVE-2005-0504 | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/retired/CVE-2005-0504 b/retired/CVE-2005-0504 new file mode 100644 index 00000000..510fd8f3 --- /dev/null +++ b/retired/CVE-2005-0504 @@ -0,0 +1,36 @@ +Candidate: CVE-2005-0504 +References: + MISC:http://www.securitytracker.com/alerts/2005/Feb/1013273.html +Description: + Buffer overflow in the MoxaDriverIoctl function for the moxa serial + driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows + local users to execute arbitrary code via a certain modified length + value. +Ubuntu-Description: + A buffer overflow was discovered in the Moxa serial driver. Local + attackers could execute arbitrary code and gain root privileges. +Notes: + Make sure the length we're passing copy_from_user() is never negative or + too large for moxaBuff. + dannf> still not upstream as of 2.6.18-rc4, i've poked upstream about it + dannf> no response from maintainer - poked linux-serial: + http://article.gmane.org/gmane.linux.serial/1717 + dannf> no response from linux-serial, poked lkml + Jiri Slaby who has done + quite a bit of work on the driver recently: + http://lkml.org/lkml/2007/4/30/507 + dannf> dilinger points out in the above thread that its no longer a + security issue since a CAP_SYS_RAWIO was added (in 2.6.16). +Bugs: +upstream: released (2.6.16) +linux-2.6: released (2.6.16-1) +2.6.8-sarge-security: released (2.6.8-12) [030-moxa_user_copy_checking.dpatch] +2.4.27-sarge-security: released (2.4.27-8) [125_moxa_bound_checking.diff] +2.4.19-woody-security: released (2.4.19-4.woody3) +2.4.18-woody-security: released (2.4.18-14.4) +2.4.17-woody-security: released (2.4.17-1woody4) +2.4.16-woody-security: released (2.4.16-1woody3) +2.4.17-woody-security-hppa: released (32.5) +2.4.17-woody-security-ia64: released (011226.18) +2.4.18-woody-security-hppa: released (62.4) +2.6.18-etch-security: N/A +2.6.15-dapper-security: released (2.6.15-29.58) |