diff options
author | dann frazier <dannf@debian.org> | 2006-08-17 00:24:25 +0000 |
---|---|---|
committer | dann frazier <dannf@debian.org> | 2006-08-17 00:24:25 +0000 |
commit | f3581ec9b2d48c6103c22fecb46f713217d834e8 (patch) | |
tree | 16359328df8385089d75b771a15c849bc9d052ea /retired/CVE-2006-1066 | |
parent | fcaf6d1f99829e04e46b5eb27e1aac3451308455 (diff) |
move retired to the top level hierarchy so people can easily checkout just the active issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2006-1066')
-rw-r--r-- | retired/CVE-2006-1066 | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/retired/CVE-2006-1066 b/retired/CVE-2006-1066 new file mode 100644 index 00000000..7636fdd7 --- /dev/null +++ b/retired/CVE-2006-1066 @@ -0,0 +1,40 @@ +Candidate: CVE-2006-1066 +References: +Description: 2.6.8 ia64 kernel w/ PREEMPT enabled permits local DoS (oops) +Notes: + From: dann frazier <dannf@dannf.org> + To: team@security.debian.org + Subject: kernel-image-2.6.8-ia64 - disable preempt + Date: Fri, 25 Mar 2005 18:57:59 -0700 + . + hey security team, + Its likely that kernel-image-2.6.8-ia64 (2.6.8-12) will be the version + that ships in sarge. This kernel has CONFIG_PREEMPT enabled, which has + at least one known issue in ptrace code that lets an unpriveleged + userspace process trigger an oops. This issue went away upstream by + 2.6.9, but its unclear what actually fixed it. SuSE/RedHat disable + PREEMPT for ia64 (or so I'm told), so they are not affected. This same + test case does _not_ fail on x86, which also has PREEMPT enabled for + sarge. + . + This issue has been known for a while, but I waited until after d-i + RC3 to upload it, since it changes the ABI. This fix is in the 2.6.8-13 + build in unstable, but the release team is blocking this kernel from + normal sarge propagation to keep the kernel udebs in sync. + . + . + dannf> This is only a config change, so it requires no changes to + dannf> kernel-source-2.6.8, but I'll use the kernel-source version + dannf> for the pending/released tags to match the others. +Bugs: +upstream: +linux-2.6: N/A +2.6.8-sarge-security: released (2.6.8-16sarge2) +2.4.27-sarge-security: N/A +2.6.8: needed +2.4.19-woody-security: N/A +2.4.18-woody-security: N/A +2.4.17-woody-security: N/A +2.4.16-woody-security: N/A +2.4.17-woody-security-hppa: N/A +2.4.17-woody-security-ia64: N/A |