From f3581ec9b2d48c6103c22fecb46f713217d834e8 Mon Sep 17 00:00:00 2001 From: dann frazier Date: Thu, 17 Aug 2006 00:24:25 +0000 Subject: move retired to the top level hierarchy so people can easily checkout just the active issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2005-3806 | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 retired/CVE-2005-3806 (limited to 'retired/CVE-2005-3806') diff --git a/retired/CVE-2005-3806 b/retired/CVE-2005-3806 new file mode 100644 index 00000000..de1ca218 --- /dev/null +++ b/retired/CVE-2005-3806 @@ -0,0 +1,23 @@ +Candidate: CVE-2005-3806 +References: + http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d + http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=bbbe80cdaf72a75a463aff9551e60b31e2f69061;hp=f841bde30c18493a94fd5d522b84724a8eb82a4a;hb=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d;f=net/ipv6/ip6_flowlabel.c +Description: + The IPv6 flowlabel handling code (ip6_flowlabel.c) in Linux kernels + 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in + certain circumstances, which allows local users to corrupt kernel memory + or cause a denial of service (crash) by triggering a free of non-allocated + memory. +Notes: +Bugs: +upstream: released (2.6.14) +linux-2.6: released (2.6.14-1) +2.6.8-sarge-security: released (2.6.8-16sarge2) [net-ipv6-flowlabel-refcnt.dpatch] +2.4.27-sarge-security: released (2.4.27-10sarge2) [net-ipv6-flowlabel-refcnt.dpatch] +2.4.19-woody-security: +2.4.18-woody-security: +2.4.17-woody-security: +2.4.16-woody-security: +2.4.17-woody-security-hppa: +2.4.17-woody-security-ia64: +2.4.18-woody-security-hppa: -- cgit v1.2.3