blob: 54534cbd19f041bd678053f9dd4cabebb3b7db81 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
Candidate: CVE-2005-3359
References:
http://linux.bkbits.net:8080/linux-2.6/cset@4339c66aLroC1_zunYKhEIbtIWrnwg
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175769
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a79af59efd20990473d579b1d8d70bb120f0920c
CONFIRM:http://linux.bkbits.net:8080/linux-2.6/cset@4339c66aLroC1_zunYKhEIbtIWrnwg
CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175769
UBUNTU:USN-263-1
URL:http://www.ubuntulinux.org/support/documentation/usn/usn-263-1
BID:17078
URL:http://www.securityfocus.com/bid/17078
SECUNIA:19220
URL:http://secunia.com/advisories/19220
Description:
The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a
denial of service (panic) via certain socket calls that produce inconsistent
reference counts for loadable protocol modules.
Notes:
dannf> Easily reproduced on 2.6.8, not reproducible on 2.4.27, so marking
dannf> 2.4 N/A
.
dannf> Note that atm is marked experimental in 2.6.8, and is not built
dannf> as a module on i386, amd64 or ia64 - but of course users could
dannf> build their own kernels, and this isn't atm specific
Bugs:
upstream: released (2.6.14)
linux-2.6: released (2.6.14-1)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A
|