retire 2006-2071

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@568 e094ebfe-e918-0410-adfb-c712417f3574
author: dann frazier <dannf@debian.org> 2006-08-27 03:36:57 +0000
committer: dann frazier <dannf@debian.org> 2006-08-27 03:36:57 +0000
commit: 8aa87571e06dc8c1fb0baee5a47220e897387a80 (patch)
tree: d0fe762e3479eba9302018335546446ccb02bd08 /retired/CVE-2006-2071
parent: 93132f13236e5d31a1e6423cecdf0cb27b350d95 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2006-2071 b/retired/CVE-2006-2071
new file mode 100644
index 00000000..5f190932
--- /dev/null
+++ b/retired/CVE-2006-2071
@@ -0,0 +1,17 @@
+Candidate: CVE-2006-2071
+References: 
+ http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6 
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b78b6af66a5fbaf17d7e6bfc32384df5e34408c8 
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190073
+Description: 
+ Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC
+ permissions and modify a readonly attachment of shared memory by using
+ mprotect to give write permission to the attachment. NOTE: some original raw
+ sources combined this issue with CVE-2006-1524, but they are different bugs.
+Notes: 
+Bugs: 
+upstream: released (2.6.16.6)
+linux-2.6.16: released (2.6.16-8)
+linux-2.6: released (2.6.16-8)
+2.6.8-sarge-security: released (2.6.8-16sarge3)
+2.4.27-sarge-security: released (2.4.27-10sarge3)
author	dann frazier <dannf@debian.org>	2006-08-27 03:36:57 +0000
committer	dann frazier <dannf@debian.org>	2006-08-27 03:36:57 +0000
commit	8aa87571e06dc8c1fb0baee5a47220e897387a80 (patch)
tree	d0fe762e3479eba9302018335546446ccb02bd08 /retired/CVE-2006-2071
parent	93132f13236e5d31a1e6423cecdf0cb27b350d95 (diff)