[kernel-sec-discuss] r2129 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jan 7 14:01:30 UTC 2011


Author: jmm
Date: 2011-01-07 14:01:26 +0000 (Fri, 07 Jan 2011)
New Revision: 2129

Added:
   active/CVE-2010-4525
   active/CVE-2010-4648
   active/CVE-2010-4649
   active/CVE-2010-4650
   active/CVE-2011-0006
Log:
new kernel issues


Added: active/CVE-2010-4525
===================================================================
--- active/CVE-2010-4525	                        (rev 0)
+++ active/CVE-2010-4525	2011-01-07 14:01:26 UTC (rev 2129)
@@ -0,0 +1,13 @@
+Candidate: CVE-2010-4525
+Description:
+References:
+Notes:
+ jmm> According to the description by Eugene Teo on oss-security,
+ jmm> this should only affect 2.6.33/2.6.34, should be double-checked
+ jmm> with the upstream fix, though
+Bugs:
+upstream:
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:
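
Review bot: Description:, References: and all five status fields are left empty, while the Notes entry already narrows the affected range to 2.6.33/2.6.34. Suggest adding a one-line description, listing the oss-security post by Eugene Teo under References:, and, once the upstream fix has been checked as the note asks, marking 2.6.26-lenny-security and 2.6.32-squeeze-security as N/A with the reason quoted in the same form as the other files in this revision.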

Added: active/CVE-2010-4648
===================================================================
--- active/CVE-2010-4648	                        (rev 0)
+++ active/CVE-2010-4648	2011-01-07 14:01:26 UTC (rev 2129)
@@ -0,0 +1,10 @@
+Candidate: CVE-2010-4648
+Description: orinoco: fix TKIP countermeasure behaviour
+References:
+Notes:
+Bugs:
+upstream: released (2.6.37) [0a54917c3fc295cb61f3fb52373c173fd3b69f48]
+2.6.32-upstream-stable: pending (2.6.32.28)
+linux-2.6: pending (2.6.32-30)
+2.6.26-lenny-security: N/A "Introduced in 2.6.29"
+2.6.32-squeeze-security: pending (2.6.32-30)
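
Review bot: the N/A reason on the 2.6.26-lenny-security line ("Introduced in 2.6.29") is not backed by anything in the file, since References: and Notes: are both empty. Suggest recording the commit that introduced the affected code next to the fix commit, so the N/A for lenny can be re-verified later without redoing the archaeology.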

Added: active/CVE-2010-4649
===================================================================
--- active/CVE-2010-4649	                        (rev 0)
+++ active/CVE-2010-4649	2011-01-07 14:01:26 UTC (rev 2129)
@@ -0,0 +1,10 @@
+Candidate: CVE-2010-4649
+Description: IB/uverbs: Handle large number of entries in poll CQ
+References:
+Notes:
+Bugs:
+upstream: released (2.6.37) [7182afea8d1afd432a17c18162cc3fd441d0da93]
+2.6.32-upstream-stable: pending (2.6.32.28)
+linux-2.6: pending (2.6.32-30)
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: pending (2.6.32-30)
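
Review bot: 2.6.26-lenny-security is marked "needed", but References: and Notes: are empty and the description is only the upstream commit subject. Suggest adding a note on the impact of the large poll CQ entry count and whether the upstream commit applies to 2.6.26 as is, since this is the one entry in the revision that still requires a backport.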

Added: active/CVE-2010-4650
===================================================================
--- active/CVE-2010-4650	                        (rev 0)
+++ active/CVE-2010-4650	2011-01-07 14:01:26 UTC (rev 2129)
@@ -0,0 +1,10 @@
+Candidate: CVE-2010-4650
+Description: fuse: verify ioctl retries
+References:
+Notes:
+Bugs:
+upstream: released (2.6.37) [7572777eef78ebdee1ecb7c258c0ef94d35bad16]
+2.6.32-upstream-stable: pending (2.6.32.28)
+linux-2.6: pending (2.6.32-30)
+2.6.26-lenny-security: N/A "Introduced in 2.6.29)
+2.6.32-squeeze-security: pending (2.6.32-30)
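
Review bot: on the 2.6.26-lenny-security line the quoted reason opens with a double quote but closes with a parenthesis: N/A "Introduced in 2.6.29). Change it to N/A "Introduced in 2.6.29" so it matches the form used in CVE-2010-4648 and CVE-2011-0006 and does not trip anything that parses the quoted reason.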

Added: active/CVE-2011-0006
===================================================================
--- active/CVE-2011-0006	                        (rev 0)
+++ active/CVE-2011-0006	2011-01-07 14:01:26 UTC (rev 2129)
@@ -0,0 +1,11 @@
+Candidate: CVE-2011-0006
+Description: ima: fix add LSM rule bug
+References:
+Notes:
+ jmm> Not activated, only in source package
+Bugs:
+upstream: released (2.6.37) [867c20265459d30a01b021a9c1e81fb4c5832aa9]
+2.6.32-upstream-stable: pending (2.6.32.28)
+linux-2.6: pending (2.6.32-30)
+2.6.26-lenny-security: N/A "Introduced in 2.6.30"
+2.6.32-squeeze-security: pending (2.6.32-30) 
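
Review bot: the note "Not activated, only in source package" does not say what is not activated or in which branches, while linux-2.6 and 2.6.32-squeeze-security are tracked as pending. Suggest naming the feature or config option in the note so it is clear why the binary packages are not exposed even though the source fix is queued. The last line also carries a trailing space after "pending (2.6.32-30)".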



