From 8290df912ecbf23e19610e57952fc68c45d59103 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 30 Apr 2007 17:04:40 +0000
Subject: retire two more issues record upstream fix

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@773 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2006-5619 | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 retired/CVE-2006-5619

(limited to 'retired/CVE-2006-5619')

diff --git a/retired/CVE-2006-5619 b/retired/CVE-2006-5619
new file mode 100644
index 00000000..2a7a48cf
--- /dev/null
+++ b/retired/CVE-2006-5619
@@ -0,0 +1,23 @@
+Candidate: CVE-2006-5619
+References: 
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bcd620757d3a4ae78ef0ca41adb5d9e400ed92b6
+Description: 
+ The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in
+ Linux kernel 2.6.16, 2.6.17, and 2.6.18-stable allows local users to
+ cause a denial of service (hang or oops) via unspecified manipulations
+ that trigger an infinite loop while searching for flowlabels.
+Ubuntu-Description:
+ James Morris discovered that the ip6fl_get_n() function incorrectly
+ handled flow labels. A local attacker could exploit this to crash the
+ kernel.
+Notes: 
+ dannf> This code does not appear to be present in 2.4
+Bugs: 
+upstream: released (2.6.18.2)
+linux-2.6: released (2.6.18-4)
+2.6.8-sarge-security: released (2.6.8-16sarge6) [ip6_flowlabel-lockup.dpatch]
+2.4.27-sarge-security: N/A
+2.6.12-breezy-security: released (2.6.12-10.41)
+2.6.15-dapper-security: released (2.6.15-27.49)
+2.6.17-edgy-security: released (2.6.17.1-10.34)
+2.6.19-feisty: released
-- 
cgit v1.2.3