[kernel-sec-discuss] r2126 - active
Dann Frazier
dannf at alioth.debian.org
Thu Jan 6 16:42:28 UTC 2011
Author: dannf
Date: 2011-01-06 16:42:27 +0000 (Thu, 06 Jan 2011)
New Revision: 2126
Added:
active/CVE-2010-af_unix-recursion
Modified:
active/CVE-2010-4249
Log:
status update
Modified: active/CVE-2010-4249
===================================================================
--- active/CVE-2010-4249 2011-01-06 16:13:49 UTC (rev 2125)
+++ active/CVE-2010-4249 2011-01-06 16:42:27 UTC (rev 2126)
@@ -25,9 +25,11 @@
dannf> (https://lkml.org/lkml/2010/11/25/8) is different; and has
dannf> different symptoms (unkillable process vs. OOM) - perhaps it should
dannf> have a different CVE?
+ dannf>
+ dannf> I've added CVE-2010-af_unix-recursion to track that issue.
Bugs:
upstream:
2.6.32-upstream-stable:
-linux-2.6:
+linux-2.6: pending (2.6.30-30) [bugfix/all/af_unix-limit-unix_tot_inflight.patch, bugfix/all/scm-lower-SCM_MAX_FD.patch]
2.6.26-lenny-security:
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.30-30) [bugfix/all/af_unix-limit-unix_tot_inflight.patch, bugfix/all/scm-lower-SCM_MAX_FD.patch]
Copied: active/CVE-2010-af_unix-recursion (from rev 2125, active/00boilerplate)
===================================================================
--- active/CVE-2010-af_unix-recursion (rev 0)
+++ active/CVE-2010-af_unix-recursion 2011-01-06 16:42:27 UTC (rev 2126)
@@ -0,0 +1,12 @@
+Candidate:
+Description:
+References:
+ https://lkml.org/lkml/2010/11/25/8
+Notes:
+ dannf> similar reproducer to CVE-2010-4249
+Bugs:
+upstream: released [25888e3]
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security: needed
More information about the kernel-sec-discuss
mailing list