[kernel-sec-discuss] r955 - active

keescook-guest at alioth.debian.org
Fri Sep 21 20:21:57 UTC 2007


Author: keescook-guest
Date: 2007-09-21 20:21:57 +0000 (Fri, 21 Sep 2007)
New Revision: 955

Modified:
   active/CVE-2006-7051
   active/CVE-2007-3739
   active/CVE-2007-3740
   active/CVE-2007-4567
Log:
details on CVE-2007-3739 CVE-2007-3740

Modified: active/CVE-2006-7051
===================================================================
--- active/CVE-2006-7051	2007-09-21 19:12:59 UTC (rev 954)
+++ active/CVE-2006-7051	2007-09-21 20:21:57 UTC (rev 955)
@@ -12,17 +12,17 @@
  possibly bypass memory limits or cause other processes to be killed by
  creating a large number of posix timers, which are allocated in kernel
  memory but are not treated as part of the process' memory.
- .
+Ubuntu-Description: 
+Notes: 
  dannf> Debian should probably "fix" this by suggesting a limit (ulimit -i)
         on the number of pending signals
-Ubuntu-Description: 
-Notes: 
+ kees> Pending signals limit is now set by pam 0.99.x.
 Bugs: 
 upstream: 
 linux-2.6: 
 2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch1) "no upstream patch"
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: ignore
-2.6.17-edgy-security: ignore - no upstream patch
-2.6.20-feisty: needed
+2.6.15-dapper-security: ignore (no upstream patch)
+2.6.17-edgy-security: ignore (no upstream patch)
+2.6.20-feisty: ignore (no upstream patch)
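
Review bot: The three rewritten Ubuntu status lines at the end of this hunk use `ignore (no upstream patch)`, while the unchanged etch line just above them uses `ignored (2.6.18.dfsg.1-13etch1) "no upstream patch"`, so the file now carries two spellings of the same state and anything that greps these files has to match both. Pick one form for the whole file. Separately, 2.6.20-feisty moves from `needed` to `ignore`, and the only justification visible is the new kees> note, which does not say which releases ship pam 0.99.x; naming them would show whether dapper and edgy get the pending-signals limit as well or are left without the mitigation.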

Modified: active/CVE-2007-3739
===================================================================
--- active/CVE-2007-3739	2007-09-21 19:12:59 UTC (rev 954)
+++ active/CVE-2007-3739	2007-09-21 20:21:57 UTC (rev 955)
@@ -1,6 +1,11 @@
 Candidate: CVE-2007-3739
 References: 
+ http://lkml.org/lkml/2007/1/29/180
 Description: 
+ mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does
+ not prevent stack expansion from entering into reserved kernel page
+ memory, which allows local users to cause a denial of service (OOPS)
+ via unspecified vectors.
 Ubuntu-Description: 
 Notes: 
 Bugs: 
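
Review bot: Notes: is still empty after this change, although the new Description narrows the issue to PowerPC systems with hugetlb and the new References entry is a bare lkml URL with no indication of whether it is the report or a proposed fix. A short note recording the architecture restriction and what the lkml link points to would let the next person triaging this entry decide quickly which kernels are in scope.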

Modified: active/CVE-2007-3740
===================================================================
--- active/CVE-2007-3740	2007-09-21 19:12:59 UTC (rev 954)
+++ active/CVE-2007-3740	2007-09-21 20:21:57 UTC (rev 955)
@@ -1,6 +1,10 @@
 Candidate: CVE-2007-3740
 References: 
+ https://bugzilla.redhat.com/show_bug.cgi?id=253314
 Description: 
+ The CIFS filesystem, when Unix extension support is enabled, does
+ not honor the umask of a process, which allows local users to gain
+ privileges.
 Ubuntu-Description: 
 Notes: 
 Bugs: 
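
Review bot: The new Description goes from "does not honor the umask" straight to "gain privileges" without saying what ends up with the wrong permissions, and Notes: is left empty. Since the stated condition is "when Unix extension support is enabled", a note saying whether that is enabled by default on the tracked kernels would settle how urgent this entry is.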

Modified: active/CVE-2007-4567
===================================================================
--- active/CVE-2007-4567	2007-09-21 19:12:59 UTC (rev 954)
+++ active/CVE-2007-4567	2007-09-21 20:21:57 UTC (rev 955)
@@ -5,7 +5,8 @@
 Description: 
 Ubuntu-Description: 
 Notes: 
- kees> introduced in 2.6.20
+ kees> introduced in 2.6.20, fixed in 2.6.22
+ kees> note: reports say the above git commit does NOT seem to fix the issue
 Bugs: 
 upstream: pending (2.6.22.5)
 linux-2.6: 
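
Review bot: The two added kees> lines disagree with each other and sit oddly with the unchanged `upstream: pending (2.6.22.5)` line below them: the first says "fixed in 2.6.22", the second says the commit does NOT seem to fix the issue. If the fix is in doubt, word the first line as an attempted fix rather than "fixed", and give a link for "reports say" so the claim can be checked. "the above git commit" also depends on a line outside this hunk; putting the commit id in the note itself keeps it readable if the References block changes.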



