retire CVE-2005-3105

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@840 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 35 insertions, 0 deletions

diff --git a/retired/CVE-2005-3105 b/retired/CVE-2005-3105
new file mode 100644
index 00000000..6ec46ce6
--- /dev/null
+++ b/retired/CVE-2005-3105
@@ -0,0 +1,35 @@
+Candidate: CVE-2005-3105
+References: 
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3105
+ Final-Decision: 
+ Interim-Decision: 
+ Modified: 
+ Proposed: 
+ Assigned: 20050930
+ Category: SF
+ Reference: MISC:http://www.intel.com/cd/ids/developer/asmo-na/eng/215766.htm
+ Reference: MISC:http://cache-www.intel.com/cd/00/00/21/57/215792_215792.pdf
+ Reference: CONFIRM:http://linux.bkbits.net:8080/linux-2.6/cset@4248d4019z8HvgrPAji51TKrWiV2uw?nav=index.html|src/|src/mm|related/mm/mprotect.c
+Description: 
+ The mrpotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito
+ processors does not properly maintain cache coherency as required by
+ the architecture, which allows local users to cause a denial of
+ service and possibly corrupt data by modifying PTE protections.
+ .
+ Extra information from Moritz Muehlenhof:
+ ia64 Montecito CPU do not maintain cache coherency correctly, which can be
+ exploited by a local DoS.
+ http://linux.bkbits.net:8080/linux-2.6/cset@4248d4019z8HvgrPAji51TKrWiV2uw?nav=index.html|src/|src/mm|related/mm/mprotect.c
+ .
+ dannf> These CPUs aren't available on the market yet, and I'm not sure
+ dannf> 2.4 is vulnerable.  Will have to attempt to reproduce when I can
+ dannf> get my hands on some hardware.  Ignoring for sarge2.
+ jmm> Have these CPUs ever been supported on 2.4? If not, we should mark N/A
+ dannf> they have not, and i've verified that booting the installer
+        fails almost immediately. marking 2.4 N/A
+Bugs: 332569
+upstream: 2.6.12
+2.6.8-sarge-security: released (2.6.8-16sarge1) [mckinley_icache.dpatch]
+2.4.27-sarge-security: N/A
+linux-2.6: N/A
+2.6.18-etch-security: N/A