retire CVE-2007-2451

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@882 e094ebfe-e918-0410-adfb-c712417f3574
author: Moritz Muehlenhoff <jmm@debian.org> 2007-07-04 07:08:52 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2007-07-04 07:08:52 +0000
commit: 327c6fd974fb08a2a40d952ce4a76dbc7d460e69 (patch)
tree: 389938aa3b80be421486dcacf0d2af6d6ddafd81 /retired/CVE-2007-2451
parent: 56f33d1be950ced4a89bf504a42756ff17fcb40c (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/retired/CVE-2007-2451 b/retired/CVE-2007-2451
new file mode 100644
index 00000000..f685e96f
--- /dev/null
+++ b/retired/CVE-2007-2451
@@ -0,0 +1,21 @@
+Candidate: CVE-2007-2451
+References: 
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=761e784673d79c8ea9befdad31e30c65e0d20b82
+Description: 
+ Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in
+ the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive
+ information via unspecified vectors.
+Ubuntu-Description: 
+ The GEODE-AES driver did not correctly initialize the encryption key.
+ Any data encrypted using this type of device would be easily compromised.
+Notes: 
+ jmm> Vulnerable code was introduced after 2.6.19 release
+Bugs: 
+upstream: released (2.6.21.3, 2.6.20.12)
+linux-2.6: released (2.6.21-3)
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: released (2.6.20-16.29)
author	Moritz Muehlenhoff <jmm@debian.org>	2007-07-04 07:08:52 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2007-07-04 07:08:52 +0000
commit	327c6fd974fb08a2a40d952ce4a76dbc7d460e69 (patch)
tree	389938aa3b80be421486dcacf0d2af6d6ddafd81 /retired/CVE-2007-2451
parent	56f33d1be950ced4a89bf504a42756ff17fcb40c (diff)