From cffb363c568e15bb95549d0c5746068cca9c94bf Mon Sep 17 00:00:00 2001 From: dann frazier Date: Sun, 20 Jul 2008 21:58:00 +0000 Subject: Debian updates; retire several issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1197 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2007-4997 | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 retired/CVE-2007-4997 (limited to 'retired/CVE-2007-4997') diff --git a/retired/CVE-2007-4997 b/retired/CVE-2007-4997 new file mode 100644 index 00000000..d2b9c569 --- /dev/null +++ b/retired/CVE-2007-4997 @@ -0,0 +1,28 @@ +Candidate: CVE-2007-4997 +References: + http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git;a=commitdiff;h=04045f98e0457aba7d4e6736f37eed189c48a5f7 + http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commitdiff;h=04045f98e0457aba7d4e6736f37eed189c48a5f7 +Description: +Ubuntu-Description: + Chris Evans discovered that the 802.11 network stack did not correctly + handle certain QOS frames. A remote attacker on the local wireless network + could send specially crafted packets that would panic the kernel, resulting + in a denial of service. +Notes: + > The summary is that an evil 80211 frame can crash out a victim's + > machine. It only applies to drivers using the 80211 wireless code, and + > only then to certain drivers (and even then depends on a card's + > firmware not dropping a dubious packet). I must confess I'm not + > keeping track of Linux wireless support, and the different protocol + > stacks etc. + jmm> 04045f98e0457aba7d4e6736f37eed189c48a5f7 +Bugs: +upstream: released (2.6.23) +linux-2.6: released (2.6.23-1) +2.6.18-etch-security: released (2.6.18.dfsg.1-13etch5) [bugfix/ieee80211-underflow.patch] +2.6.8-sarge-security: N/A +2.4.27-sarge-security: N/A +2.6.15-dapper-security: released (2.6.15-29.61) +2.6.17-edgy-security: released (2.6.17.1-12.42) +2.6.20-feisty-security: released (2.6.20-16.33) +2.6.22-gutsy-security: released (2.6.22-14.47) -- cgit v1.2.3