Debian updates; retire several issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1197 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 21 insertions, 0 deletions

diff --git a/retired/CVE-2007-3104 b/retired/CVE-2007-3104
new file mode 100644
index 00000000..a3b6a8f9
--- /dev/null
+++ b/retired/CVE-2007-3104
@@ -0,0 +1,21 @@
+Candidate: CVE-2007-3104
+References: 
+Description: 
+ The sysfs_readdir function in the Linux kernel in Red Hat Enterprise
+ Linux 4.5 allows local users to cause a denial of service (kernel OOPS)
+ by dereferencing a null pointer to an inode in a dentry.
+Ubuntu-Description: 
+ A flaw in the sysfs_readdir function allowed a local user to cause a
+ denial of service by dereferencing a NULL pointer.
+Notes: 
+ pkl> Bug fix available in RedHat kernel-2.6.9-55.0.2.EL.src.rpm release
+ jmm> 01da2425f327d7ac673e594bee5655523115970b
+Bugs: 
+upstream: released (2.6.22.2)
+linux-2.6: released (2.6.22-4)
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch5) [bugfix/sysfs_readdir-NULL-deref-1.patch, bugfix/sysfs_readdir-NULL-deref-2.patch, bugfix/sysfs-fix-condition-check.patch]
+2.6.8-sarge-security: needed "code is very different in 2.6.8, if no reproducer, ignore"
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security: released (2.6.15-29.58)
+2.6.17-edgy-security: released (2.6.17.1-12.40) [a8c3f241ea411211c4802098f23a8da309e8bbd1]
+2.6.20-feisty-security: released (2.6.20-16.31) [5ca45c7e9e3d363c7bd3a5419742cb3368baf474]