From b52bc87b0847c59f056197e220ff80a8144d18fb Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 1 May 2009 14:18:25 +0000 Subject: very minor formatting tweaks git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1350 e094ebfe-e918-0410-adfb-c712417f3574 --- dsa-texts/2.6.24-6~etchnhalf.8etch1 | 82 +++++++++++++++++++------------------ 1 file changed, 42 insertions(+), 40 deletions(-) (limited to 'dsa-texts/2.6.24-6~etchnhalf.8etch1') diff --git a/dsa-texts/2.6.24-6~etchnhalf.8etch1 b/dsa-texts/2.6.24-6~etchnhalf.8etch1 index fd845bc4..244bca51 100644 --- a/dsa-texts/2.6.24-6~etchnhalf.8etch1 +++ b/dsa-texts/2.6.24-6~etchnhalf.8etch1 @@ -23,8 +23,8 @@ problems: CVE-2008-4307 Bryn M. Reeves reported a denial of service in the NFS filesystem. - Local users can trigger a kernel BUG() due to a race condition - in the do_setlk function. + Local users can trigger a kernel BUG() due to a race condition in + the do_setlk function. CVE-2008-5079 
@@ -35,31 +35,32 @@ CVE-2008-5079 CVE-2008-5395 Helge Deller discovered a denial of service condition that allows - local users on PA-RISC systems to crash a system by attempting - to unwind a stack contiaining userspace addresses. + local users on PA-RISC systems to crash a system by attempting to + unwind a stack contiaining userspace addresses. CVE-2008-5700 Alan Cox discovered a lack of minimum timeouts on SG_IO requests, - which allows local users of systems using ATA to cause a denial - of service by forcing drives into PIO mode. + which allows local users of systems using ATA to cause a denial of + service by forcing drives into PIO mode. CVE-2008-5701 - Vlad Malov reported an issue on 64-bit MIPS systems where a local user - could cause a system crash by crafing a malicious binary which makes - o32 syscalls with a number less than 4000. + Vlad Malov reported an issue on 64-bit MIPS systems where a local + user could cause a system crash by crafing a malicious binary + which makes o32 syscalls with a number less than 4000. CVE-2008-5702 - Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog - driver which allows local users to cause a buffer underflow by making - a specially crafted WDIOC_SETTIMEOUT ioctl call. + Zvonimir Rakamaric reported an off-by-one error in the ib700wdt + watchdog driver which allows local users to cause a buffer + underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl + call. CVE-2009-0028 - Chris Evans discovered a situation in which a child process can send - an arbitrary signal to its parent. + Chris Evans discovered a situation in which a child process can + send an arbitrary signal to its parent. CVE-2009-0029 
@@ -109,57 +110,58 @@ CVE-2009-0745 CVE-2009-0834 - Roland McGrath discovered an issue on amd64 kernels that allows local - users to circumvent system call audit configurations which filter - based on the syscall numbers or argument details. + Roland McGrath discovered an issue on amd64 kernels that allows + local users to circumvent system call audit configurations which + filter based on the syscall numbers or argument details. CVE-2009-0859 - Jiri Olsa discovered that a local user can cause a denial of service - (system hang) using a SHM_INFO shmctl call on kernels compiled with - CONFIG_SHMEM disabled. This issue does not affect prebuilt Debian - kernels. + Jiri Olsa discovered that a local user can cause a denial of + service (system hang) using a SHM_INFO shmctl call on kernels + compiled with CONFIG_SHMEM disabled. This issue does not affect + prebuilt Debian kernels. CVE-2009-1046 - Mikulas Patocka reported an issue in the console subsystem that allows - a local user to cause memory corruption by selecting a small number of - 3-byte UTF-8 characters. + Mikulas Patocka reported an issue in the console subsystem that + allows a local user to cause memory corruption by selecting a + small number of 3-byte UTF-8 characters. CVE-2009-1192 - Shaohua Li reported an issue in the AGP subsystem they may allow local - users to read sensitive kernel memory due to a leak of uninitialized - memory. + Shaohua Li reported an issue in the AGP subsystem they may allow + local users to read sensitive kernel memory due to a leak of + uninitialized memory. CVE-2009-1242 - Benjamin Gilbert reported a local denial of service vulnerability in the - KVM VMX implementation that allows local users to trigger an oops. + Benjamin Gilbert reported a local denial of service vulnerability + in the KVM VMX implementation that allows local users to trigger + an oops. 
CVE-2009-1265 - Thomas Pollet reported an overflow in the af_rose implementation that - allows remote attackers to retrieve uninitialized kernel memory that - may contain sensitive data. + Thomas Pollet reported an overflow in the af_rose implementation + that allows remote attackers to retrieve uninitialized kernel + memory that may contain sensitive data. CVE-2009-1337 - Oleg Nesterov discovered an issue in the exit_notify function that allows - local users to send an arbitrary signal to a process by running a program - that modifies the exit_signal field and then uses an exec system call to - launch a setuid application. + Oleg Nesterov discovered an issue in the exit_notify function that + allows local users to send an arbitrary signal to a process by + running a program that modifies the exit_signal field and then + uses an exec system call to launch a setuid application. CVE-2009-1338 - Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach - processes outside of the current process namespace. + Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to + reach processes outside of the current process namespace. CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that - allows remote users to overwrite memory via a long nativeFileSystem - field in a Tree Connect response during mount. + allows remote users to overwrite memory via a long + nativeFileSystem field in a Tree Connect response during mount. For the stable distribution (etch), these problems have been fixed in version 2.6.24-6~etchnhalf.8etch1. -- cgit v1.2.3
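Review bot: In the hunk at @@ -35,31 +35,32 @@, the re-wrapped CVE-2008-5395 and CVE-2008-5701 entries carry two misspellings over unchanged, "contiaining" and "crafing". Both lines are already being rewritten by this commit, so correct them to "containing" and "crafting" here rather than leaving them for the published advisory text.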
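Review bot: In the hunk at @@ -109,57 +110,58 @@, the CVE-2009-1192 entry still reads "an issue in the AGP subsystem they may allow local users" after re-wrapping, which is ungrammatical and blurs what is being described. Suggest "that may allow local users" on the added line, since the sentence is being touched anyway.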