From f3581ec9b2d48c6103c22fecb46f713217d834e8 Mon Sep 17 00:00:00 2001 From: dann frazier Date: Thu, 17 Aug 2006 00:24:25 +0000 Subject: move retired to the top level hierarchy so people can easily checkout just the active issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2004-1057 | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 retired/CVE-2004-1057 (limited to 'retired/CVE-2004-1057') diff --git a/retired/CVE-2004-1057 b/retired/CVE-2004-1057 new file mode 100644 index 00000000..fab0fac1 --- /dev/null +++ b/retired/CVE-2004-1057 @@ -0,0 +1,27 @@ +Candidate: CVE-2004-1057 +References: + MISC:http://www.kernel.org/pub/linux/kernel/people/andrea/kernels/v2.4/2.4.23aa3/00_VM_IO-4 + REDHAT:RHSA-2005:016 + URL:http://www.redhat.com/support/errata/RHSA-2005-016.html + CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137821 + XF:linux-kernel-vmio-dos(19275) + URL:http://xforce.iss.net/xforce/xfdb/19275 +Description: + Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark + memory with the VM_IO flag, which causes incorrect reference counts and may + lead to a denial of service (kernel panic) when accessing freed kernel pages. +Notes: + dannf> I see the PageReserved() check in the 2.6 code, going back to 2.4.0 + dannf> so I'll mark 2.6 N/A +Bugs: +upstream: +linux-2.6: N/A +2.6.8-sarge-security: N/A +2.4.27-sarge-security: released (2.4.27-10) [165_VM_IO.diff] +2.4.19-woody-security: +2.4.18-woody-security: +2.4.17-woody-security: +2.4.16-woody-security: +2.4.17-woody-security-hppa: +2.4.17-woody-security-ia64: +2.4.18-woody-security-hppa: -- cgit v1.2.3