[kernel-sec-discuss] r2475 - dsa-texts
Moritz Muehlenhoff
jmm at alioth.debian.org
Sat Sep 3 14:17:43 UTC 2011
Author: jmm
Date: 2011-09-03 14:17:42 +0000 (Sat, 03 Sep 2011)
New Revision: 2475
Modified:
dsa-texts/2.6.32-35squeeze1
Log:
updates
Modified: dsa-texts/2.6.32-35squeeze1
===================================================================
--- dsa-texts/2.6.32-35squeeze1 2011-09-02 17:27:29 UTC (rev 2474)
+++ dsa-texts/2.6.32-35squeeze1 2011-09-03 14:17:42 UTC (rev 2475)
@@ -38,19 +38,26 @@
CVE-2011-2492
- foo
+ Marek Kroemeke and Filip Palian discovered that uninitialised struct
+ elements in the Bluetooth subsystem could lead to the information
+ through leaked stack memory.
+
CVE-2011-2495
- foo
+ Vasiliy Kulikov of Openwall discovered that the io file of a process'
+ proc directory was world-readable, resulting in local information disclosure
+ of information like password lengths.
CVE-2011-2496
- foo
+ Robert Swiecki discovered that mremap() could be abused for local denial of
+ service by triggering a BUG_ON assert.
CVE-2011-2497
- foo
+ Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem, which
+ could lead to denial of service or privilege escalation.
CVE-2011-2517
@@ -81,7 +88,9 @@
CVE-2011-2909
- foo
+ Vasiliy Kulikov of Openwall discovered that a programming error in
+ the Comedi driver could lead to the information disclosure through
+ leaked stack memory.
CVE-2011-2918
More information about the kernel-sec-discuss
mailing list