[kernel-sec-discuss] r955 - active
keescook-guest at alioth.debian.org
Fri Sep 21 20:21:57 UTC 2007
Author: keescook-guest
Date: 2007-09-21 20:21:57 +0000 (Fri, 21 Sep 2007)
New Revision: 955
Modified:
active/CVE-2006-7051
active/CVE-2007-3739
active/CVE-2007-3740
active/CVE-2007-4567
Log:
details on CVE-2007-3739 CVE-2007-3740
Modified: active/CVE-2006-7051
===================================================================
--- active/CVE-2006-7051 2007-09-21 19:12:59 UTC (rev 954)
+++ active/CVE-2006-7051 2007-09-21 20:21:57 UTC (rev 955)
@@ -12,17 +12,17 @@
possibly bypass memory limits or cause other processes to be killed by
creating a large number of posix timers, which are allocated in kernel
memory but are not treated as part of the process' memory.
- .
+Ubuntu-Description:
+Notes:
dannf> Debian should probably "fix" this by suggesting a limit (ulimit -i)
on the number of pending signals
-Ubuntu-Description:
-Notes:
+ kees> Pending signals limit is now set by pam 0.99.x.
Bugs:
upstream:
linux-2.6:
2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch1) "no upstream patch"
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: ignore
-2.6.17-edgy-security: ignore - no upstream patch
-2.6.20-feisty: needed
+2.6.15-dapper-security: ignore (no upstream patch)
+2.6.17-edgy-security: ignore (no upstream patch)
+2.6.20-feisty: ignore (no upstream patch)
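Review bot: the 2.6.20-feisty status flips from "needed" to "ignore (no upstream patch)", a triage decision the log message ("details on CVE-2007-3739 CVE-2007-3740") does not mention, and the stated reason is not the mitigation recorded in the new kees note. If the pam 0.99.x pending-signals limit is what makes feisty safe to ignore, record that in the status line or add which releases ship that pam version, since the note alone does not say whether dapper and edgy get the same limit. The Ubuntu lines also use "ignore (...)" where the etch line uses "ignored (...)"; one spelling would make the file easier to grep.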
Modified: active/CVE-2007-3739
===================================================================
--- active/CVE-2007-3739 2007-09-21 19:12:59 UTC (rev 954)
+++ active/CVE-2007-3739 2007-09-21 20:21:57 UTC (rev 955)
@@ -1,6 +1,11 @@
Candidate: CVE-2007-3739
References:
+ http://lkml.org/lkml/2007/1/29/180
Description:
+ mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does
+ not prevent stack expansion from entering into reserved kernel page
+ memory, which allows local users to cause a denial of service (OOPS)
+ via unspecified vectors.
Ubuntu-Description:
Notes:
Bugs:
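Review bot: the only reference added is the lkml thread, and Notes: is left empty, so the entry still gives no upstream commit or fixed version to backport against. A one-line note naming the fix (or stating that none has been identified yet) would let the per-release status lines be filled in. The description's "via unspecified vectors" and PowerPC-only scope are also worth a note on which tracked kernels build hugetlb support for PowerPC at all, since that decides whether a release is affected.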
Modified: active/CVE-2007-3740
===================================================================
--- active/CVE-2007-3740 2007-09-21 19:12:59 UTC (rev 954)
+++ active/CVE-2007-3740 2007-09-21 20:21:57 UTC (rev 955)
@@ -1,6 +1,10 @@
Candidate: CVE-2007-3740
References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=253314
Description:
+ The CIFS filesystem, when Unix extension support is enabled, does
+ not honor the umask of a process, which allows local users to gain
+ privileges.
Ubuntu-Description:
Notes:
Bugs:
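Review bot: the description makes the issue conditional on "when Unix extension support is enabled", but Notes: stays empty, so nothing records whether that condition holds in the tracked kernels. Add a note on the default state of CIFS Unix extensions per release and, once known, the upstream fix; the Red Hat bugzilla link on its own does not give a version to compare against.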
Modified: active/CVE-2007-4567
===================================================================
--- active/CVE-2007-4567 2007-09-21 19:12:59 UTC (rev 954)
+++ active/CVE-2007-4567 2007-09-21 20:21:57 UTC (rev 955)
@@ -5,7 +5,8 @@
Description:
Ubuntu-Description:
Notes:
- kees> introduced in 2.6.20
+ kees> introduced in 2.6.20, fixed in 2.6.22
+ kees> note: reports say the above git commit does NOT seem to fix the issue
Bugs:
upstream: pending (2.6.22.5)
linux-2.6:
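Review bot: the two added kees lines contradict each other: "introduced in 2.6.20, fixed in 2.6.22" is followed by "reports say the above git commit does NOT seem to fix the issue", and the unchanged line below still reads "upstream: pending (2.6.22.5)". Either soften the first note (for example "fix attempted in 2.6.22") or keep upstream as pending and drop "fixed in", and cite where the reports come from so the claim can be checked. "The above git commit" also points at a reference outside this hunk; naming the commit in the note itself would keep it readable if the References block changes.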