blob: 9ca898568f71468b47b41ea65051befb3d27af65 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Candidate: CVE-2004-2660
References:
CONFIRM:http://linux.bkbits.net:8080/linux-2.6/cset@4182a613oVsK0-8eCWpyYFrUf8rhLA
CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.10
Description:
Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local
users to cause a denial of service (memory consumption) via certain O_DIRECT
(direct IO) write requests.
Notes:
jmm> This was only covered by MITRE in May 2006
jmm> Vulnerable code not present in 2.4
Bugs:
upstream: released (2.6.10)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge5) [direct-io-write-mem-leak.dpatch]
2.4.27-sarge-security: N/A
|