From 69b752cd8d45e4ec4823783a6e6df7800c9a9880 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 6 Jun 2007 06:30:59 +0000
Subject: retire CVE-2007-1734

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@847 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2007-1734 | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 retired/CVE-2007-1734

(limited to 'retired/CVE-2007-1734')

diff --git a/retired/CVE-2007-1734 b/retired/CVE-2007-1734
new file mode 100644
index 00000000..82b2e308
--- /dev/null
+++ b/retired/CVE-2007-1734
@@ -0,0 +1,20 @@
+Candidate: CVE-2007-1734
+References: 
+ http://www.securityfocus.com/archive/1/archive/1/463969/100/0/threaded
+Description: 
+ The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in
+ Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen
+ value, which allows local users running on certain architectures to read
+ kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730
+Ubuntu-Description: 
+Notes: 
+Bugs: 420875
+upstream: released (2.6.20.5, 2.6.21)
+linux-2.6: released (2.6.20-1) [bugfix/2.6.20.5]
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.12-breezy-security: N/A
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: published (linux-source-2.6.20-16.28)
-- 
cgit v1.2.3