retire CVE-2007-0006

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@815 e094ebfe-e918-0410-adfb-c712417f3574
author: Moritz Muehlenhoff <jmm@debian.org> 2007-05-07 17:32:50 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2007-05-07 17:32:50 +0000
commit: 2eab358b38e4c2c250b5f885310be4498fa063cc (patch)
tree: a8ad5f8e8e3a59fbe109fce2333949c9fc0280f1 /retired/CVE-2007-0006
parent: 32222cb0481a46097a08c1c88b9ae3bf717134b4 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2007-0006 b/retired/CVE-2007-0006
new file mode 100644
index 00000000..4627b79b
--- /dev/null
+++ b/retired/CVE-2007-0006
@@ -0,0 +1,19 @@
+Candidate: CVE-2007-0006
+References: 
+ http://bugzilla.kernel.org/show_bug.cgi?id=7727
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9ad0830f307bcd8dc285cfae58998d43b21727f4
+Description: 
+ The key serial number collision avoidance code in the key_alloc_serial
+ function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a
+ denial of service (crash) via vectors that trigger a null dereference, as
+ originally reported as "spinlock CPU recursion."
+Ubuntu-Description: 
+Notes: 
+Bugs: 398470
+upstream: released (2.6.21, 2.6.20.2)
+linux-2.6: released (2.6.20-1)
+2.6.18-etch-security: released (2.6.18.dfsg.1-12) [bugfix/keys-serial-num-collision.patch]
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security: released (2.6.15-28.53)
+2.6.17-edgy-security: released (2.6.17.1-11.37)
author	Moritz Muehlenhoff <jmm@debian.org>	2007-05-07 17:32:50 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2007-05-07 17:32:50 +0000
commit	2eab358b38e4c2c250b5f885310be4498fa063cc (patch)
tree	a8ad5f8e8e3a59fbe109fce2333949c9fc0280f1 /retired/CVE-2007-0006
parent	32222cb0481a46097a08c1c88b9ae3bf717134b4 (diff)