From 8b89b4be7cf2cf2a85f2e5521046e5a53d6a90dc Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Thu, 4 Mar 2010 23:30:06 +0000 Subject: retire issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1759 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2009-2695 | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 retired/CVE-2009-2695 (limited to 'retired/CVE-2009-2695') diff --git a/retired/CVE-2009-2695 b/retired/CVE-2009-2695 new file mode 100644 index 00000000..307fc3b4 --- /dev/null +++ b/retired/CVE-2009-2695 @@ -0,0 +1,21 @@ +Candidate: CVE-2009-2695 +Description: + The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that + target page zero and other low memory addresses, which allows local users to gain + privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) + the default configuration of the allow_unconfined_mmap_low boolean in SELinux on + Red Hat Enterprise Linux (RHEL) 5, (2) an error that causes + allow_unconfined_mmap_low to be ignored in the unconfined_t domain, (3) lack of a + requirement for the CAP_SYS_RAWIO capability for these mmap operations, and (4) + interaction between the mmap_min_addr protection mechanism and certain application + programs. +References: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695 +Ubuntu-Description: +Notes: +Bugs: +upstream: released (2.6.31-rc7) +linux-2.6: released (2.6.31-1) +2.6.18-etch-security: N/A "no mmap_min_addr" +2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch3) [bugfix/all/security-use-mmap_min_addr-independently-of-security-models.patch, bugfix/all/selinux-call-cap_file_mmap-in-selinux_file_mmap.patch, bugfix/all/capabilities-move-cap_file_mmap-to-commoncap.c.patch, bugfix/all/security-seperate-lsm-specific-mmap_min_addr.patch, bugfix/all/security-define-round_hint_to_min-when-CONFIG_SECURITY-is-off.patch] +2.6.26-lenny-security: released (2.6.26-19lenny1) [bugfix/all/security-use-mmap_min_addr-independently-of-security-models.patch, bugfix/all/selinux-call-cap_file_mmap-in-selinux_file_mmap.patch, bugfix/all/capabilities-move-cap_file_mmap-to-commoncap.c.patch, bugfix/all/security-seperate-lsm-specific-mmap_min_addr.patch, bugfix/all/security-define-round_hint_to_min-when-CONFIG_SECURITY-is-off.patch] -- cgit v1.2.3