blob: 62f131807c33ac34011eb489e608d83e14388b01 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
Candidate: CVE-2011-1020
Description: /proc/$pid/ leaks contents across setuid exec
References:
https://lkml.org/lkml/2011/2/7/368
Notes:
jmm> a9712bc12c40c172e393f85a9b2ba8db4bf59509 already in 2.6.32.x, the rest is missing
Bugs:
upstream: released (2.6.39) [ca6b0bf0e086513b9ee5efc0aa5770ecb57778af, ec6fd8a4355cda81cd9f06bebc048e83eb514ac7, d6f64b89d7ff22ce05896ab4a93a653e8d0b123d, 2fadaef41283aad7100fa73f01998cddaca25833, a9712bc12c40c172e393f85a9b2ba8db4bf59509]
2.6.32-upstream-stable: ignored
sid: released (2.6.39-1)
2.6.26-lenny-security: released (2.6.26-26lenny4) [bugfix/all/pagemap-close-races-with-suid-execve.patch, bugfix/all/proc-map-report-errors-sanely.patch, bugfix/all/close-race-in-proc-pid-environ.patch, bugfix/all/auxv-require-the-target-or-self-to-be-traceable.patch]
3.2-wheezy-security: N/A
2.6.32-squeeze-security: released (2.6.32-35squeeze1) [bugfix/all/pagemap-close-races-with-suid-execve.patch, bugfix/all/proc-map-report-errors-sanely.patch, bugfix/all/close-race-in-proc-pid-environ.patch, bugfix/all/auxv-require-the-target-or-self-to-be-traceable.patch, bugfix/all/proc-syscall-stack-personality-races.patch]
3.2-upstream-stable: N/A
|
