diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2010-09-30 07:16:53 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2010-09-30 07:16:53 +0000 |
| commit | 8586d311d7ce2bdbfd7db20251e382a6cfbba8d1 (patch) | |
| tree | 3740d332d75a631c87615da2edd1085d4eb1e145 /retired | |
| parent | 92aa8f5b7cfd8c8c167ad215a4f65d3834f1e481 (diff) | |
retire issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1979 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
| -rw-r--r-- | retired/CVE-2010-2960 | 16 | ||||
| -rw-r--r-- | retired/CVE-2010-3080 | 14 | ||||
| -rw-r--r-- | retired/CVE-2010-3081 | 12 |
3 files changed, 42 insertions, 0 deletions
diff --git a/retired/CVE-2010-2960 b/retired/CVE-2010-2960 new file mode 100644 index 00000000..28cbb408 --- /dev/null +++ b/retired/CVE-2010-2960 @@ -0,0 +1,16 @@ +Candidate: CVE-2010-2960 +Description: keyctl_session_to_parent null ptr deref +References: +Notes: + Patches (not in upstream yet): + https://bugzilla.redhat.com/show_bug.cgi?id=627440#c4 + https://bugzilla.redhat.com/show_bug.cgi?id=627440#c5 + Introduced via upstream commit ee18d64c (v2.6.32-rc1) + https://bugzilla.redhat.com/CVE-2010-2960 + https://bugzilla.redhat.com/show_bug.cgi?id=627440#c3 +Bugs: +upstream: released (2.6.36-rc4) [9d1ac65, 3d96406] +2.6.32-upstream-stable: released (2.6.32.23) +linux-2.6: released (2.6.32-23) [bugfix/all/keys-fix-RCU-no-lock-warning-in-keyctl_session_to_parent.patch, bugfix/all/keys-fix-bug-in-keyctl_session_to_parent-if-parent-has-no-session-keyring.patch] +2.6.26-lenny-security: N/A +2.6.32-squeeze-security: released (2.6.32-23) [bugfix/all/keys-fix-RCU-no-lock-warning-in-keyctl_session_to_parent.patch, bugfix/all/keys-fix-bug-in-keyctl_session_to_parent-if-parent-has-no-session-keyring.patch] diff --git a/retired/CVE-2010-3080 b/retired/CVE-2010-3080 new file mode 100644 index 00000000..36d74431 --- /dev/null +++ b/retired/CVE-2010-3080 @@ -0,0 +1,14 @@ +Candidate: CVE-2010-3080 +Description: +References: + https://bugzilla.redhat.com/CVE-2010-3080 + http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=c598337660c21c0afaa9df5a65bb4a7a0cf15be8 +Notes: + CONFIG_SND_SEQUENCER_OSS is not set though, so not an issue for prebuilt kernels" +Bugs: +upstream: released (2.6.32-rc4) [27f7ad5] +2.6.32-upstream-stable: released (2.6.32.22) [alsa-seq-oss-fix-double-free-at-error-path-of-snd_seq_oss_open.patch] +linux-2.6: released (2.6.32-24) +2.6.26-lenny-security: released (2.6.26-25lenny1) [alsa-seq-oss-fix-double-free-at-error-path-of-snd_seq_oss_open.patch] +2.6.32-squeeze-security: released (2.6.32-24) + diff --git a/retired/CVE-2010-3081 b/retired/CVE-2010-3081 new file mode 100644 index 00000000..e7904782 --- /dev/null +++ b/retired/CVE-2010-3081 @@ -0,0 +1,12 @@ +Candidate: CVE-2010-3081 +Description: +References: + http://sota.gen.nz/compat1/ +Notes: + commit c41d68a +Bugs: +upstream: released (2.6.36-rc5) +2.6.32-upstream-stable: released (2.6.32.22) [compat-make-compat_alloc_user_space-incorporate-the-access_ok.patch] +linux-2.6: released (2.6.32-23) [bugfix/all/compat-make-compat_alloc_user_space-incorporate-the-access_ok.patch] +2.6.26-lenny-security: released (2.6.26-25lenny1) [bugfix/all/compat-make-compat_alloc_user_space-incorporate-the_access_ok.patch] +2.6.32-squeeze-security: released (2.6.32-23) [bugfix/all/compat-make-compat_alloc_user_space-incorporate-the-access_ok.patch] |