Candidate: CVE-2004-0535
References: 
 CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log
 CONFIRM:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168
 CONECTIVA:CLA-2004:845
 URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845
 FEDORA:FEDORA-2004-186
 URL:http://lwn.net/Articles/91155/
 GENTOO:GLSA-200407-02
 URL:http://security.gentoo.org/glsa/glsa-200407-02.xml
 MANDRAKE:MDKSA-2004:062
 URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:062
 REDHAT:RHSA-2004:413
 URL:http://www.redhat.com/support/errata/RHSA-2004-413.html
 REDHAT:RHSA-2004:418
 URL:http://www.redhat.com/support/errata/RHSA-2004-418.html
 SGI:20040804-01-U
 URL:ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
 SUSE:SUSE-SA:2004:020
 URL:http://www.novell.com/linux/security/advisories/2004_20_kernel.html
 XF:linux-e1000-bo(16159)
 URL:http://xforce.iss.net/xforce/xfdb/16159
 BID:10352
 URL:http://www.securityfocus.com/bid/10352
Description: 
 The e1000 driver for Linux kernel 2.4.26 and earlier does not properly
 initialize memory before using it, which allows local users to read portions
 of kernel memory. NOTE: this issue was originally incorrectly reported as a
 "buffer overflow" by some sources.
Notes: 
 Patch:
   http://linux.bkbits.net:8080/linux-2.6/cset@4084025a6AP3ORKQ7iaTFCmOGvTJXw?nav=index.html|src/|src/drivers|src/drivers/net|src/drivers/net/e1000|related/drivers/net/e1000/e1000_ethtool.c
Bugs: 
upstream: released (2.4.27, 2.6.6)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: needed
2.4.18-woody-security-hppa: N/A