diff options
author | dann frazier <dannf@debian.org> | 2006-09-26 05:25:01 +0000 |
---|---|---|
committer | dann frazier <dannf@debian.org> | 2006-09-26 05:25:01 +0000 |
commit | b5dff88447542aeaeb052e46ac5a81f56b13b47b (patch) | |
tree | f208d9fb748aff5b1a6082182f77bd7a1bb2df9b /retired/CVE-2006-1343 | |
parent | 708584120cba90a6f017432e2ee45d9c5c1859dc (diff) |
retire all issues that have been fixed upstream and in all listed kernels that are affected
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@600 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2006-1343')
-rw-r--r-- | retired/CVE-2006-1343 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2006-1343 b/retired/CVE-2006-1343 new file mode 100644 index 00000000..268db464 --- /dev/null +++ b/retired/CVE-2006-1343 @@ -0,0 +1,18 @@ +Candidate: CVE-2006-1343 +References: + http://marc.theaimsgroup.com/?l=linux-netdev&m=114148078223594&w=2 +Description: + net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and + possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not + clear sockaddr_in.sin_zero before returning IPv4 socket names from the + getsockopt function with SO_ORIGINAL_DST, which allows local users to + obtain portions of potentially sensitive memory. +Notes: + troyh> This isn't fixed upstream in 2.6 yet, at least not in the same way as 2.4 + dannf> marking ignored for sarge3/2.6 due to ^^ + jmm> It's now fixed upstream in 2.6 as well, let's include it in sarge4 +Bugs: +upstream: released (2.4.33-pre3), released (2.6.16.19) +linux-2.6: released (2.6.16-15) +2.6.8-sarge-security: released (2.6.8-16sarge5) [netfilter-SO_ORIGINAL_DST-leak.dpatch] +2.4.27-sarge-security: released (2.4.27-10sarge3) [212_ipv4-sin_zero_clear.diff] |