From ef202d32d59b1f189740dcf9fccba9193dd3f0bb Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Tue, 1 Dec 2009 22:42:07 +0000
Subject: retire historic crypto disk issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1622 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2004-2136 | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 retired/CVE-2004-2136

(limited to 'retired/CVE-2004-2136')

diff --git a/retired/CVE-2004-2136 b/retired/CVE-2004-2136
new file mode 100644
index 00000000..6cfb88e2
--- /dev/null
+++ b/retired/CVE-2004-2136
@@ -0,0 +1,17 @@
+Candidate: CVE-2004-2136
+Description:
+ dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 
+ 1024 or greater, has certain "IV computation" weaknesses that allow watermarked
+ files to be detected without decryption.
+References:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2136
+ http://marc.theaimsgroup.com/?l=linux-kernel&m=107719798631935&w=2
+ http://mareichelt.de/pub/notmine/diskenc.pdf
+ http://www.securiteam.com/exploits/5UP0P1PFPM.html
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
-- 
cgit v1.2.3