From d3f3145fd890f6769590bc132bb0d7edf80fafd5 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Sun, 30 Jan 2011 11:29:31 +0000
Subject: retire issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2178 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2010-0435 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 retired/CVE-2010-0435

(limited to 'retired/CVE-2010-0435')

diff --git a/retired/CVE-2010-0435 b/retired/CVE-2010-0435
new file mode 100644
index 00000000..a03973d0
--- /dev/null
+++ b/retired/CVE-2010-0435
@@ -0,0 +1,15 @@
+Candidate: CVE-2010-0435
+Description:
+ kvm null ptr dereference
+References:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0435
+Notes:
+ jmm> RHEL patch commited as patches/CVE-2010-0435-kvm-kernel-fix-null-pointer-dereference.patch
+ jmm> The kernel.org version is quite different, though. Maybe it's only exploitable in 
+ jmm> combination with the plethora of KVM patches added by Red Hat?
+Bugs:
+upstream: released (2.6.34)
+2.6.32-upstream-stable: released (2.6.32.27)
+linux-2.6: released (2.6.32-29) [bugfix/all/stable/2.6.32.27.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/x86/kvm-vmx-fix-vmx-null-pointer-dereference-on-debug-register-access.patch]
+2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/stable/2.6.32.27.patch]
-- 
cgit v1.2.3