blob: a3b6a8f972dee7acf59fc9515e666ab341655e72 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Candidate: CVE-2007-3104
References:
Description:
The sysfs_readdir function in the Linux kernel in Red Hat Enterprise
Linux 4.5 allows local users to cause a denial of service (kernel OOPS)
by dereferencing a null pointer to an inode in a dentry.
Ubuntu-Description:
A flaw in the sysfs_readdir function allowed a local user to cause a
denial of service by dereferencing a NULL pointer.
Notes:
pkl> Bug fix available in RedHat kernel-2.6.9-55.0.2.EL.src.rpm release
jmm> 01da2425f327d7ac673e594bee5655523115970b
Bugs:
upstream: released (2.6.22.2)
linux-2.6: released (2.6.22-4)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch5) [bugfix/sysfs_readdir-NULL-deref-1.patch, bugfix/sysfs_readdir-NULL-deref-2.patch, bugfix/sysfs-fix-condition-check.patch]
2.6.8-sarge-security: needed "code is very different in 2.6.8, if no reproducer, ignore"
2.4.27-sarge-security: N/A
2.6.15-dapper-security: released (2.6.15-29.58)
2.6.17-edgy-security: released (2.6.17.1-12.40) [a8c3f241ea411211c4802098f23a8da309e8bbd1]
2.6.20-feisty-security: released (2.6.20-16.31) [5ca45c7e9e3d363c7bd3a5419742cb3368baf474]
|
