retire several issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@774 e094ebfe-e918-0410-adfb-c712417f3574
author: Moritz Muehlenhoff <jmm@debian.org> 2007-04-30 17:08:05 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2007-04-30 17:08:05 +0000
commit: 6471f3dab8b9f08bf043c1fcc49f8a0bf467300a (patch)
tree: 7dd98d6bb1c3629dde5999bcefede30fd9d5deee /retired/CVE-2006-5158
parent: 8290df912ecbf23e19610e57952fc68c45d59103 (diff)
1 files changed, 23 insertions, 0 deletions
diff --git a/retired/CVE-2006-5158 b/retired/CVE-2006-5158
new file mode 100644
index 00000000..7c3c692c
--- /dev/null
+++ b/retired/CVE-2006-5158
@@ -0,0 +1,23 @@
+Candidate: CVE-2006-5158
+References: 
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9b5b1f5bf9dcdb6f23abf65977a675eb4deba3c0
+Description: 
+ The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel
+ before 2.6.16 allows remote attackers to cause a denial of service
+ (process crash) and deny access to NFS exports via unspecified
+ vectors that trigger a kernel oops (null dereference) and a deadlock.
+Ubuntu-Description:
+ Matthias Andree discovered that the NFS locking management daemon
+ (lockd) did not correctly handle mixing of 'lock' and 'nolock' option
+ mounts on the same client. A remote attacker could exploit this to
+ crash lockd and thus rendering the NFS imports inaccessible.
+Notes: 
+ Bug introduced in 2.6.9, fixed in 2.6.15-rc6
+Bugs: 
+upstream: 
+linux-2.6:
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.12-breezy-security: released (2.6.12-10.41)
+2.6.15-dapper-security: N/A
+2.6.17-edgy: N/A
author	Moritz Muehlenhoff <jmm@debian.org>	2007-04-30 17:08:05 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2007-04-30 17:08:05 +0000
commit	6471f3dab8b9f08bf043c1fcc49f8a0bf467300a (patch)
tree	7dd98d6bb1c3629dde5999bcefede30fd9d5deee /retired/CVE-2006-5158
parent	8290df912ecbf23e19610e57952fc68c45d59103 (diff)