diff options
| author | Raphael Geissert <geissert@debian.org> | 2009-12-15 23:02:14 +0000 |
|---|---|---|
| committer | Raphael Geissert <geissert@debian.org> | 2009-12-15 23:02:14 +0000 |
| commit | 7eb11c30638529575969fa17b2a170cae7e515a0 (patch) | |
| tree | 73e38b8faa5c84bc1f17526f683652d2049486c0 /retired | |
| parent | b57533566afb0a8d5cb9bba369099ceff520efd4 (diff) | |
retire a few issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1653 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
| -rw-r--r-- | retired/CVE-2009-1298 | 14 | ||||
| -rw-r--r-- | retired/CVE-2009-2287 | 15 | ||||
| -rw-r--r-- | retired/CVE-2009-2584 | 22 |
3 files changed, 51 insertions, 0 deletions
diff --git a/retired/CVE-2009-1298 b/retired/CVE-2009-1298 new file mode 100644 index 00000000..1097856c --- /dev/null +++ b/retired/CVE-2009-1298 @@ -0,0 +1,14 @@ +Candidate: +Description: + ipv4 denial-of-sevice +References: + http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=bbf31bf18d34caa87dd01f08bf713635593697f2 +Notes: +Bugs: +upstream: released (2.6.32) [bbf31bf1] +2.6.31-upstream-stable: +linux-2.6: released (2.6.32-1) +2.6.18-etch-security: N/A "introduced in 2.6.29 commit 2bad35b7" +2.6.24-etch-security: N/A "introduced in 2.6.29 commit 2bad35b7" +2.6.26-lenny-security: N/A "introduced in 2.6.29 commit 2bad35b7" +2.6.32-squeeze-security: released (2.6.32-1) diff --git a/retired/CVE-2009-2287 b/retired/CVE-2009-2287 new file mode 100644 index 00000000..085b9f2f --- /dev/null +++ b/retired/CVE-2009-2287 @@ -0,0 +1,15 @@ +Candidate: CVE-2009-2287 +Description: +References: + http://www.openwall.com/lists/oss-security/2009/06/30/1 + http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git;a=blob;f=queue-2.6.30/kvm-x86-check-for-cr3-validity-in-ioctl_set_sregs.patch;h=b48a47dad2cf76358b327368f80c0805e6370c68;hb=e7c45b24f298b5d9efd7d401150f64a1b51aaac4 + http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb + http://sourceforge.net/tracker/?func=detail&atid=893831&aid=2687641&group_id=180599 +Ubuntu-Description: +Notes: +Bugs: +upstream: released (2.6.30.1, 2.6.31-rc1) +linux-2.6: released (2.6.30-2) [bugfix/all/stable/2.6.30.1.patch] +2.6.18-etch-security: N/A "no kvm" +2.6.24-etch-security: N/A "kvm introduced in 2.6.25" +2.6.26-lenny-security: released (2.6.26-17lenny1) [bugfix/x86/kvm-check-for-cr3-validity-in-ioctl_set_sregs.patch] diff --git a/retired/CVE-2009-2584 b/retired/CVE-2009-2584 new file mode 100644 index 00000000..f099cf12 --- /dev/null +++ b/retired/CVE-2009-2584 @@ -0,0 +1,22 @@ +Candidate: CVE-2009-2584 +Description: + Off-by-one error in the options_write function in + drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel + 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to + overwrite arbitrary memory locations and gain privileges via a crafted count + argument, which triggers a stack-based buffer overflow. +References: + http://grsecurity.net/~spender/exploit_demo.c + http://lkml.org/lkml/2009/7/20/348 + http://xorl.wordpress.com/2009/07/21/linux-kernel-sgi-gru-driver-off-by-one-overwrite +Ubuntu-Description: +Notes: + - high urgency since exploit code is currently in the wild + - the patch is still not applied upstream so i've sent a message upstream to lkml: + http://lkml.org/lkml/2009/11/4/538 +Bugs: +upstream: released (2.6.32-rc7) [d39b7dd1dcbf394a1cb897457c862dafe9a20ac5], released (2.6.31.6) [42d7bdfc3320039bb9310703d6475a62f5c74772] +linux-2.6: released (2.6.31-2) +2.6.18-etch-security: N/A "code not present" +2.6.24-etch-security: N/A "code not present" +2.6.26-lenny-security: N/A "code not present" |