retire some issues now that Sarge support has ended

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1154 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 22 insertions, 0 deletions

diff --git a/retired/CVE-2005-0977 b/retired/CVE-2005-0977
new file mode 100644
index 00000000..77b44a61
--- /dev/null
+++ b/retired/CVE-2005-0977
@@ -0,0 +1,22 @@
+Candidate: CVE-2005-0977
+References: 
+ http://www.ubuntulinux.org/support/documentation/usn/usn-103-1
+ http://linux.bkbits.net:8080/linux-2.6/cset@420551fbRlv9-QG6Gw9Lw_bKVfPSsg
+ http://lkml.org/lkml/2005/2/5/111
+ http://www.securityfocus.com/bid/12970
+Description: 
+ The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel
+ 2.6 does not properly verify the address argument, which allows local users
+ to cause a denial of service (kernel crash) via an invalid address.
+Notes: 
+ dannf> 2.4 does look vulnerable, but the 2.6 fix won't work directly because
+ dannf> 2.4 doesn't have i_size_read().  The 2.6 i_size_read() uses seqlocks,
+ dannf> which aren't in 2.4, so the port isn't trivial for me.
+ dannf> Forwarded to Willy Tarreau on 2008.01.17
+Bugs: 303177
+upstream: released (2.6.11)
+linux-2.6: N/A
+2.6.8-sarge-security: released (2.6.8-16) [mm-shmem-truncate.dpatch]
+2.4.27-sarge-security: ignored (2.4.27-10sarge6) "need porting help"
+2.6.18-etch-security: N/A
+