blob: 70d585c3574246f9b8cb64522f51a3f919cc804b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
Candidate: CVE-2005-3180
References:
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3180
CONFIRM:http://www.kernel.org/hg/linux-2.6/?cmd=changeset;node=feecb2ffde28639e60ede769c6f817dc536c677b
Description:
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does
not properly clear memory from a previously used packet whose length
is increased, which allows remote attackers to obtain sensitive
information.
Notes:
> > From: Pavel Roskin <proski@gnu.org>
> >
> > The orinoco driver can send uninitialized data exposing random pieces of
> > the system memory. This happens because data is not padded with zeroes
> > when its length needs to be increased.
horms> a better fix for this is
horms> http://mirror.local.valinux.co.jp/linux/kernel/v2.6/ChangeLog-2.6.15
horms> 192_orinoco-info-leak.diff is missing the ALIGN macro which is not
horms> defined elsewhere in 2.4.
horms> is added by 192_orinoco-info-leak-2.diff
upstream: released (2.6.13.4), released (2.4.33-pre2)
linux-2.6: released (2.6.13+2.6.14-rc4-0experimental.1)
2.6.8-sarge-security: released (2.6.8-16sarge2) [orinoco-info-leak.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [192_orinoco-info-leak.diff, 192_orinoco-info-leak-2.diff]
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa:
|