From f3581ec9b2d48c6103c22fecb46f713217d834e8 Mon Sep 17 00:00:00 2001 From: dann frazier Date: Thu, 17 Aug 2006 00:24:25 +0000 Subject: move retired to the top level hierarchy so people can easily checkout just the active issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2005-3119 | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 retired/CVE-2005-3119 (limited to 'retired/CVE-2005-3119') diff --git a/retired/CVE-2005-3119 b/retired/CVE-2005-3119 new file mode 100644 index 000000000..85710594d --- /dev/null +++ b/retired/CVE-2005-3119 @@ -0,0 +1,30 @@ +Candidate: CVE-2005-3119 +References: + URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3119 + CONFIRM:http://linux.bkbits.net:8080/linux-2.6/cset@43483fddCiQX1WyG_orbko06TrjMVA + REDHAT:RHSA-2005:808 + URL:http://www.redhat.com/support/errata/RHSA-2005-808.html + SECUNIA:17364 + URL:http://secunia.com/advisories/17364 +Description: + Memory leak in the request_key_auth_destroy function in request_key_auth in Linux + kernel 2.6.13 and earlier allows local users to cause a denial of service (memory + consumption) via a large number of authorization token keys. +Notes: + Plug request_key_auth memleak. This can be triggered by unprivileged + users, so is local DoS. + http://www.ussg.iu.edu/hypermail/linux/kernel/0510.0/1860.html + . + dannf> This file doesn't exist in 2.6.8, so sarge isn't vulnerable +upstream: released (2.6.13.4, 2.6.14) +linux-2.6: released (2.6.13+2.6.14-rc4-0experimental.1) +2.6.8-sarge-security: N/A +2.4.27-sid/sarge: N/A +2.4.27-sarge-security: N/A +2.4.19-woody-security: N/A +2.4.18-woody-security: N/A +2.4.17-woody-security: N/A +2.4.16-woody-security: N/A +2.4.17-woody-security-hppa: N/A +2.4.17-woody-security-ia64: N/A +2.4.18-woody-security-hppa: -- cgit v1.2.3