From f3581ec9b2d48c6103c22fecb46f713217d834e8 Mon Sep 17 00:00:00 2001
From: dann frazier <dannf@debian.org>
Date: Thu, 17 Aug 2006 00:24:25 +0000
Subject: move retired to the top level hierarchy so people can easily checkout
 just the active issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2005-3848 | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 retired/CVE-2005-3848

(limited to 'retired/CVE-2005-3848')

diff --git a/retired/CVE-2005-3848 b/retired/CVE-2005-3848
new file mode 100644
index 00000000..13cb1398
--- /dev/null
+++ b/retired/CVE-2005-3848
@@ -0,0 +1,32 @@
+Candidate: CVE-2005-3848
+References: 
+ CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cb94c62c252796f42bb83fe40960d12f3ea5a82a
+ MISC:http://lkml.org/lkml/2005/8/26/173
+Description: 
+ Ollie Wild discovered a leak in the icmp_push_reply() function in Linux 2.6,
+ in which an ignored error returned by ip_append_data() would result in the
+ route and net_device not being freed.  A malicious remote user could exploit
+ this in order to initiate a denial of service attack.  This issue was fixed
+ in Linux 2.6.12.6 and 2.6.13.
+Notes: 
+ This code looks completely different in 2.4; neither ip_append_data() (the
+ function that returns an error) nor icmp_push_reply() (the function that fails
+ to check this error) exist.  So, I'm marking 2.4 as unaffected.
+ Actual CVE description:
+ Memory leak in the icmp_push_reply function in Linux 2.6 before
+ 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of
+ service (memory consumption) via a large number of crafted packets
+ that cause the ip_append_data function to fail, aka "DST leak in
+ icmp_push_reply."
+upstream: released (2.6.12.6, 2.6.13)
+2.6.8-sarge-security: released (2.6.8-16sarge2) [fix-dst-leak-in-icmp_push_reply.dpatch]
+2.4.27-sid/sarge: released (2.4.27-12) [188_fix-dst-leak-in-icmp_push_reply.diff]
+2.4.27-sarge-security: released (2.4.27-10sarge2) [188_fix-dst-leak-in-icmp_push_reply.diff]
+linux-2.6: 
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
+2.4.18-woody-security-hppa: 
-- 
cgit v1.2.3