retire CVE-2007-1734

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@847 e094ebfe-e918-0410-adfb-c712417f3574
author: Moritz Muehlenhoff <jmm@debian.org> 2007-06-06 06:30:59 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2007-06-06 06:30:59 +0000
commit: 69b752cd8d45e4ec4823783a6e6df7800c9a9880 (patch)
tree: b041250671af34e58b75c0e8cee685e5d33653b4 /retired/CVE-2007-1734
parent: 3b23fc994e6f6f7beb86b25dc3e7a0c8b92406d3 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/retired/CVE-2007-1734 b/retired/CVE-2007-1734
new file mode 100644
index 00000000..82b2e308
--- /dev/null
+++ b/retired/CVE-2007-1734
@@ -0,0 +1,20 @@
+Candidate: CVE-2007-1734
+References: 
+ http://www.securityfocus.com/archive/1/archive/1/463969/100/0/threaded
+Description: 
+ The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in
+ Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen
+ value, which allows local users running on certain architectures to read
+ kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730
+Ubuntu-Description: 
+Notes: 
+Bugs: 420875
+upstream: released (2.6.20.5, 2.6.21)
+linux-2.6: released (2.6.20-1) [bugfix/2.6.20.5]
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.12-breezy-security: N/A
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: published (linux-source-2.6.20-16.28)
author	Moritz Muehlenhoff <jmm@debian.org>	2007-06-06 06:30:59 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2007-06-06 06:30:59 +0000
commit	69b752cd8d45e4ec4823783a6e6df7800c9a9880 (patch)
tree	b041250671af34e58b75c0e8cee685e5d33653b4 /retired/CVE-2007-1734
parent	3b23fc994e6f6f7beb86b25dc3e7a0c8b92406d3 (diff)