diff options
author | dann frazier <dannf@debian.org> | 2008-07-20 21:58:00 +0000 |
---|---|---|
committer | dann frazier <dannf@debian.org> | 2008-07-20 21:58:00 +0000 |
commit | cffb363c568e15bb95549d0c5746068cca9c94bf (patch) | |
tree | e0434734275d36074875867c87f80245c22cc450 /retired/CVE-2007-4133 | |
parent | 5573dc627c8198493da4d51a700922f187269fb9 (diff) |
Debian updates; retire several issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1197 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2007-4133')
-rw-r--r-- | retired/CVE-2007-4133 | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/retired/CVE-2007-4133 b/retired/CVE-2007-4133 new file mode 100644 index 00000000..e1c71246 --- /dev/null +++ b/retired/CVE-2007-4133 @@ -0,0 +1,26 @@ +Candidate: CVE-2007-4133 +References: + http://git.kernel.org/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=856fc29505556cf263f3dcda2533cf3766c14ab6 + https://bugzilla.redhat.com/show_bug.cgi?id=253926 +Description: + The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions + in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform + certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE + units, which allows local users to cause a denial of service (panic) + via unspecified vectors. +Ubuntu-Description: + Certain calculations in the hugetlb code were not correct. A local + attacker could exploit this to cause a kernel panic, leading to a denial + of service. +Notes: + jmm> 2.4 doesn't contain hugetlbfs +Bugs: +upstream: released (2.6.19) +linux-2.6: released (2.6.20-1) +2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/hugetlb-prio_tree-unit-fix.patch] +2.6.8-sarge-security: released (2.6.8-17sarge1) [hugetlb-prio_tree-unit-fix.dpatch] +2.4.27-sarge-security: N/A +2.6.15-dapper-security: released (2.6.15-29.61) +2.6.17-edgy-security: released (2.6.17.1-12.42) +2.6.20-feisty-security: N/A +2.6.22-gutsy-security: N/A |