blob: f685e96f8ceaa8e6d49d52ae8d802a914e48d6f2 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Candidate: CVE-2007-2451
References:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=761e784673d79c8ea9befdad31e30c65e0d20b82
Description:
Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in
the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive
information via unspecified vectors.
Ubuntu-Description:
The GEODE-AES driver did not correctly initialize the encryption key.
Any data encrypted using this type of device would be easily compromised.
Notes:
jmm> Vulnerable code was introduced after 2.6.19 release
Bugs:
upstream: released (2.6.21.3, 2.6.20.12)
linux-2.6: released (2.6.21-3)
2.6.18-etch-security: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.15-dapper-security: N/A
2.6.17-edgy-security: N/A
2.6.20-feisty-security: released (2.6.20-16.29)
|