[kernel] r5077 - patch-tracking

Moritz Muehlenhoff jmm-guest at costa.debian.org
Sat Dec 24 13:24:45 UTC 2005


Author: jmm-guest
Date: Sat Dec 24 13:24:45 2005
New Revision: 5077

Added:
   patch-tracking/CVE-2004-1334
Log:
integer overflow in ip_options_get


Added: patch-tracking/CVE-2004-1334
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2004-1334	Sat Dec 24 13:24:45 2005
@@ -0,0 +1,24 @@
+Candidate: CVE-2004-1334
+References: 
+ http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html
+ http://marc.theaimsgroup.com/?l=bugtraq&m=110383108211524&w=2
+ http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html
+ http://www.securityfocus.com/bid/11956
+ http://xforce.iss.net/xforce/xfdb/18522
+Description: 
+ Integer overflow in the ip_options_get function in the Linux kernel before
+ 2.6.10 allows local users to cause a denial of service (kernel crash) via a
+ cmsg_len that contains a -1, which leads to a buffer overflow.
+Notes: 
+Bugs: 
+upstream: released (2.6.10)
+linux-2.6: N/A
+2.6.8-sarge-security: resolved (2.6.8-11)
+2.4.27-sarge-security: 
+2.6.8: released (2.6.8-11)
+2.4.19-woody-security: 
+2.4.18-woody-security: 
+2.4.17-woody-security: 
+2.4.16-woody-security: 
+2.4.17-woody-security-hppa: 
+2.4.17-woody-security-ia64: 
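
Review bot: The status fields for 2.4.27-sarge-security and all six 2.4.x woody branches at the end of the file are left blank, and Notes: is empty, so a reader cannot tell whether those kernels are unaffected by the ip_options_get overflow, still unfixed, or simply not yet checked. Give each branch an explicit status, or add a Notes: line stating that the 2.4 trees have not been assessed yet. Separately, 2.6.8-sarge-security says "resolved (2.6.8-11)" while 2.6.8 says "released (2.6.8-11)" for the same version; use one term if the meaning is the same. Naming the patch that carries the fix in Notes: would also let someone verify the 2.6.8-11 claim.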


