diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2007-10-05 06:49:35 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2007-10-05 06:49:35 +0000 |
commit | 8a99f3a6581f38051a77744db2baf2f5d91d3a0c (patch) | |
tree | 77a9d084eb07b101f0cb99ebc66b31372db302ee /retired/CVE-2007-2875 | |
parent | 1d86dd1721b3911de17784baad139a0982648886 (diff) |
retire issue
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@992 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2007-2875')
-rw-r--r-- | retired/CVE-2007-2875 | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/retired/CVE-2007-2875 b/retired/CVE-2007-2875 new file mode 100644 index 00000000..e8ac6da3 --- /dev/null +++ b/retired/CVE-2007-2875 @@ -0,0 +1,25 @@ +Candidate: CVE-2007-2875 +References: + http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=commit;h=85badbdf5120d246ce2bb3f1a7689a805f9c9006 + http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4 +Description: + Integer underflow in the cpuset_tasks_read function in the Linux kernel + before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem + is mounted, allows local users to obtain kernel memory contents by using a + large offset when reading the /dev/cpuset/tasks file. +Ubuntu-Description: + An integer underflow was discovered in the cpuset filesystem. If mounted, + local attackers could obtain kernel memory using large file offsets while + reading the tasks file. This could disclose sensitive data. +Notes: + Use simple_read_from_buffer to avoid possible underflow in + cpuset_tasks_read which could allow user to read kernel memory. +Bugs: +upstream: released (2.6.21.4) +linux-2.6: released (2.6.21-5) +2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/cpuset_tasks-underflow.patch] +2.6.8-sarge-security: N/A +2.4.27-sarge-security: N/A +2.6.15-dapper-security: released (2.6.15-28.57) +2.6.17-edgy-security: released (2.6.17.1-11.39) [1448fa0c7be21a3c6c31b20d19a8ecfafdfea143] +2.6.20-feisty-security: released (2.6.20-16.31) [b07fd0532409fb2332562abc2254376222d1e913] |