retire issue

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@992 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 25 insertions, 0 deletions

diff --git a/retired/CVE-2007-2875 b/retired/CVE-2007-2875
new file mode 100644
index 00000000..e8ac6da3
--- /dev/null
+++ b/retired/CVE-2007-2875
@@ -0,0 +1,25 @@
+Candidate: CVE-2007-2875
+References: 
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=commit;h=85badbdf5120d246ce2bb3f1a7689a805f9c9006
+ http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
+Description: 
+ Integer underflow in the cpuset_tasks_read function in the Linux kernel
+ before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem
+ is mounted, allows local users to obtain kernel memory contents by using a
+ large offset when reading the /dev/cpuset/tasks file.
+Ubuntu-Description: 
+ An integer underflow was discovered in the cpuset filesystem.  If mounted,
+ local attackers could obtain kernel memory using large file offsets while
+ reading the tasks file. This could disclose sensitive data.
+Notes: 
+ Use simple_read_from_buffer to avoid possible underflow in
+ cpuset_tasks_read which could allow user to read kernel memory.
+Bugs: 
+upstream: released (2.6.21.4)
+linux-2.6: released (2.6.21-5)
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/cpuset_tasks-underflow.patch]
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security: released (2.6.15-28.57)
+2.6.17-edgy-security: released (2.6.17.1-11.39) [1448fa0c7be21a3c6c31b20d19a8ecfafdfea143]
+2.6.20-feisty-security: released (2.6.20-16.31) [b07fd0532409fb2332562abc2254376222d1e913]