retire issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1759 e094ebfe-e918-0410-adfb-c712417f3574
author: Moritz Muehlenhoff <jmm@debian.org> 2010-03-04 23:30:06 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2010-03-04 23:30:06 +0000
commit: 8b89b4be7cf2cf2a85f2e5521046e5a53d6a90dc (patch)
tree: 0decae468ee0fa9b8f7e02de08dd13641f90fb2d /retired/CVE-2009-2691
parent: 24f2bb5a17a5d17d4346de3a08e222f5d7791003 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2009-2691 b/retired/CVE-2009-2691
new file mode 100644
index 00000000..6069194d
--- /dev/null
+++ b/retired/CVE-2009-2691
@@ -0,0 +1,14 @@
+Candidate: CVE-2009-2691
+Description:
+ The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier
+ allows local users to read (1) maps and (2) smaps files under proc/ via vectors
+ related to ELF loading, a setuid process, and a race condition.
+References:
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream: released (2.6.31-rc6) [13f0fea, 00f89d2, 704b836], released (2.6.30.5) [95d7e670e3158b6a52a8279290a0d6f7047250b4, 17dc3e97d6d51df33cb6e35fabb62b91ef14cf2c, c6d59cb0341e2c3aed3eb65cbf166a686c3443aa]
+linux-2.6: released (2.6.30-7)
+2.6.18-etch-security: ignored (end of life)
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch3) [bugfix/all/maps-visible-during-initial-setuid-ELF-loading.patch]
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/maps-visible-during-initial-setuid-ELF-loading.patch]
author	Moritz Muehlenhoff <jmm@debian.org>	2010-03-04 23:30:06 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2010-03-04 23:30:06 +0000
commit	8b89b4be7cf2cf2a85f2e5521046e5a53d6a90dc (patch)
tree	0decae468ee0fa9b8f7e02de08dd13641f90fb2d /retired/CVE-2009-2691
parent	24f2bb5a17a5d17d4346de3a08e222f5d7791003 (diff)