[kernel-sec-discuss] r2472 - dsa-texts
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Sep 1 21:04:32 UTC 2011
Author: jmm
Date: 2011-09-01 21:04:26 +0000 (Thu, 01 Sep 2011)
New Revision: 2472
Modified:
dsa-texts/2.6.32-35squeeze1
Log:
initial updates
Modified: dsa-texts/2.6.32-35squeeze1
===================================================================
--- dsa-texts/2.6.32-35squeeze1 2011-09-01 20:42:31 UTC (rev 2471)
+++ dsa-texts/2.6.32-35squeeze1 2011-09-01 21:04:26 UTC (rev 2472)
@@ -28,7 +28,9 @@
CVE-2011-2484
- foo
+ Vasiliy Kulikov of Openwall discovered that the amount of exit handler
+ that a process can register is not capped, resulting in local denial of
+ service through resource exhaustion (cpu time and memory).
CVE-2011-2491
@@ -52,7 +54,10 @@
CVE-2011-2517
- foo
+ It was discovered that the netlink-based wireless configuration
+ interface performed insufficient length validation when parsing
+ SSIDs, resulting in buffer overflows. Local users with the
+ CAP_NET_ADMIN capability can cause a denial of service.
CVE-2011-2525
More information about the kernel-sec-discuss
mailing list