diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2008-02-22 22:05:22 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2008-02-22 22:05:22 +0000 |
commit | f0b3303c9a82b65f78e929e08389b1ec88034e2b (patch) | |
tree | d3401bc2bcec5f5214c7dfc50853885b04a5e1f1 /retired/CVE-2007-3739 | |
parent | 1350e67a7134d8b304a4c0b1d093693a02b0030a (diff) |
retire more issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1142 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2007-3739')
-rw-r--r-- | retired/CVE-2007-3739 | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/retired/CVE-2007-3739 b/retired/CVE-2007-3739 new file mode 100644 index 00000000..e06a758f --- /dev/null +++ b/retired/CVE-2007-3739 @@ -0,0 +1,31 @@ +Candidate: CVE-2007-3739 +References: + MLIST:[lkml] 20070129 [PATCH] Don't allow the stack to grow into hugetlb reserved regions + URL:http://lkml.org/lkml/2007/1/29/180 + MISC:https://bugzilla.redhat.com/show_bug.cgi?id=253313 + REDHAT:RHSA-2007:0705 + URL:http://www.redhat.com/support/errata/RHSA-2007-0705.html + SECUNIA:26760 + URL:http://secunia.com/advisories/26760 + XF:kernel-stack-expansion-dos(36592) + URL:http://xforce.iss.net/xforce/xfdb/36592 +Description: + mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does + not prevent stack expansion from entering into reserved kernel page + memory, which allows local users to cause a denial of service (OOPS) + via unspecified vectors. +Ubuntu-Description: + It was discovered that hugetlb kernels on PowerPC systems did not prevent + the stack from colliding with reserved kernel memory. Local attackers + could exploit this and crash the system, causing a denial of service. +Notes: + jmm> 68589bc353037f233fe510ad9ff432338c95db66 +Bugs: +upstream: released (2.6.20) +linux-2.6: released (2.6.20) +2.6.18-etch-security: released (2.6.18.dfsg.1-13etch3) [bugfix/prevent-stack-growth-into-hugetlb-region.patch] +2.6.8-sarge-security: released (2.6.8-17sarge1) [prevent-stack-growth-into-hugetlb-region.dpatch] +2.4.27-sarge-security: N/A "files/functions non-existant in 2.4" +2.6.15-dapper-security: released (2.6.15-29.59) +2.6.17-edgy-security: released (2.6.17.1-12.41 ae30f170a8c2988179b2b34c7e562f57eb0556bc) +2.6.20-feisty-security: released (2.6.20-16.32 e84eef7bd84cb46ae573e21d4047fa2a65072294) |