blob: 56a01b8401cd37c67452664a8733ed62c5c15724 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Candidate: CVE-2005-3276
References:
CONFIRM:http://linux.bkbits.net:8080/linux-2.6/cset@1.3700.4.106?nav=index.html|src/|src/arch|src/arch/i386|src/arch/i386/kernel|related/arch/i386/kernel/process.c
CONFIRM: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=71ae18ec690953e9ba7107c7cc44589c2cc0d9f1
URL:http://lkml.org/lkml/2005/8/3/36
Description:
The sys_get_thread_area function in Linux 2.6 kernels prior to 2.6.12.4 and
2.6.13 does not entirely clear a user_desc structure before copying it
to userspace, resulting in a small information leak.
Bugs:
upstream: released (2.6.12.4)
linux-2.6: released (2.6.12-2)
2.6.8-sarge-security: released (2.6.8-16sarge1) [sys_get_thread_area-leak.dpatch]
2.4.27-sarge-security: N/A
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa:
|
