From f3581ec9b2d48c6103c22fecb46f713217d834e8 Mon Sep 17 00:00:00 2001 From: dann frazier Date: Thu, 17 Aug 2006 00:24:25 +0000 Subject: move retired to the top level hierarchy so people can easily checkout just the active issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2005-0400 | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 retired/CVE-2005-0400 (limited to 'retired/CVE-2005-0400') diff --git a/retired/CVE-2005-0400 b/retired/CVE-2005-0400 new file mode 100644 index 00000000..84063342 --- /dev/null +++ b/retired/CVE-2005-0400 @@ -0,0 +1,32 @@ +Candidate: CVE-2005-0400 +References: + BUGTRAQ:20050401 Information leak in the Linux kernel ext2 implementation + URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111238764720696&w=2 + MISC:http://arkoon.net/advisories/ext2-make-empty-leak.txt + FEDORA:FLSA:152532 + URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532 + UBUNTU:USN-103-1 + URL:http://www.ubuntulinux.org/support/documentation/usn/usn-103-1 + XF:kernel-ext2-information-disclosure(19866) + URL:http://xforce.iss.net/xforce/xfdb/19866 + CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.6 + SECUNIA:14713 + URL:http://secunia.com/advisories/14713/ +Description: + The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not + properly initialize memory when creating a block for a new directory entry, + which allows local users to obtain potentially sensitive information by + reading the block. +Notes: +Bugs: 301799 303294 +upstream: released (2.6.11.6) +linux-2.6: N/A +2.6.8-sarge-security: released (2.6.8-16) [fs-ext2-info-leak.dpatch] +2.4.27-sarge-security: released (2.4.27-10) [156_fs-ext2-info-leak.diff] +2.4.19-woody-security: +2.4.18-woody-security: +2.4.17-woody-security: +2.4.16-woody-security: +2.4.17-woody-security-hppa: +2.4.17-woody-security-ia64: +2.4.18-woody-security-hppa: -- cgit v1.2.3