diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2009-10-20 21:46:22 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2009-10-20 21:46:22 +0000 |
commit | 5662f0b2a69d60db40460e71293e7d6a5f1851b1 (patch) | |
tree | c36fba9715ef3ae955a2665f49e7c0f002103bd5 /retired/CVE-2009-0676 | |
parent | c1f4a4e3307253a711eb1731f022c3b0c6f398d6 (diff) |
retire more issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1530 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2009-0676')
-rw-r--r-- | retired/CVE-2009-0676 | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/retired/CVE-2009-0676 b/retired/CVE-2009-0676 new file mode 100644 index 00000000..06d60465 --- /dev/null +++ b/retired/CVE-2009-0676 @@ -0,0 +1,27 @@ +Candidate: CVE-2009-0676 +Description: + The sock_getsockopt function in net/core/sock.c in the Linux kernel + before 2.6.28.6 does not initialize a certain structure member, which + allows local users to obtain potentially sensitive information from + kernel memory via an SO_BSDCOMPAT getsockopt request. +References: + MLIST:[linux-kernel] 20090212 [PATCH] 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2 + URL:http://lkml.org/lkml/2009/2/12/123 + MLIST:[oss-security] 20090220 CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt + URL:http://openwall.com/lists/oss-security/2009/02/20/1 + CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=df0bca049d01c0ee94afb7cd5dfd959541e6c8da + CONFIRM:http://patchwork.kernel.org/patch/6816/ + CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.6 + CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=486305 +Ubuntu-Description: +Notes: +Bugs: +upstream: released (2.6.28.6, 2.6.29-rc5) +linux-2.6: released (2.6.29-1) +2.6.18-etch-security: released (2.6.18.dfsg.1-24etch1) [bugfix/all/net-SO_BSDCOMPAT-leak.patch, bugfix/all/net-SO_BSDCOMPAT-leak-2.patch] +2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch1) [bugfix/all/net-SO_BSDCOMPAT-leak.patch, bugfix/all/net-SO_BSDCOMPAT-leak-2.patch] +2.6.26-lenny-security: released (2.6.26-13lenny1) [bugfix/all/net-SO_BSDCOMPAT-leak.patch, bugfix/all/net-SO_BSDCOMPAT-leak-2.patch] +2.6.15-dapper-security: +2.6.22-gutsy-security: +2.6.24-hardy-security: +2.6.27-intrepid-security: |