retire several issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@774 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 24 insertions, 0 deletions

diff --git a/retired/CVE-2006-5649 b/retired/CVE-2006-5649
new file mode 100644
index 00000000..a89f6951
--- /dev/null
+++ b/retired/CVE-2006-5649
@@ -0,0 +1,24 @@
+Candidate: CVE-2006-5649
+References: 
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4393c4f6788cee65095dd838cfeca6edefbfeb52
+Description: 
+ The alignment exception used to only check the exception table for
+ -EFAULT, not for other errors. That opens an oops window if we can
+ coerce the kernel into getting an alignment exception for other
+ reasons in what would normally be a user-protected accessor, which
+ can be done via some of the futex ops. This fixes it by always
+ checking the exception tables.
+Ubuntu-Description:
+ Fabio Massimo Di Nitto discovered a flaw in the alignment check
+ exception handling on the powerpc platform. A local attacker could
+ exploit this to cause a kernel panic and crash the machine.
+Notes: 
+ http://ozlabs.org/pipermail/linuxppc-dev/2006-October/027338.html
+Bugs: 
+upstream: released (2.6.19-rc5), released (2.6.18.3)
+linux-2.6: released (2.6.18-4)
+2.6.8-sarge-security: released (2.6.8-16sarge6) [ppc-alignment-exception-table-check.dpatch]
+2.4.27-sarge-security: released (2.4.27-10sarge5) [235_ppc-alignment-exception-table-check.diff]
+2.6.12-breezy-security: released (2.6.12-10.41)
+2.6.15-dapper-security: released (2.6.15-27.49)
+2.6.17-edgy-security: released (2.6.17.1-10.34)