[Secure-testing-team] A new round of kernel vulnerabilities
micah
micah at riseup.net
Thu Oct 6 14:26:27 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
These are the CVE assignments I requested from Mitre for the security
patches that have been already applied to the 2.6.8sarge1 update.
I will work with horms to get these added to the changelog entries
next to the patches which address the problems.
Micah
Moritz Muehlenhoff wrote:
> Hi, as usual; to minimize the overhead I'm sending these again by
> email and not through the BTS.
>
> CAN-2005-3110: DoS on SMP, potentially 2.4 and 2.6
> http://sourceforge.net/mailarchive/forum.php?thread_id=6800453&forum_id=8572
>
>
> CAN-2005-3109: Local DoS through oops by mounting a non-HFS+
> filesystem as HFS+.
> http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f
>
>
> CAN-2005-3108: DoS and potential information leak in ioremap
> (seemingly specific to amd64)
> http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=93ef70a217637ade3f335303a112b22a134a1ec2
>
>
> CAN-2005-3107: Local DoS through threads tracing each other by
> forcing a core dump, while the traced thread is in TASK_TRACED
> state.
> http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.11-rc1/2.6.11-rc1-mm1/broken-out/fix-coredump_wait-deadlock-with-ptracer-tracee-on-shared-mm.patch
>
>
> CAN-2005-3106: DoS through race condition in processes that share a
> memory mapping through CLONE_VM
> http://linux.bkbits.net:8080/linux-2.6/diffs/fs/exec.c@1.156?nav=index.html|src/|src/fs|hist/fs/exec.c
>
>
> CAN-2005-3105: ia64 Montecito CPU do not maintain cache coherency
> correctly, which can be exploited by a local DoS.
> http://linux.bkbits.net:8080/linux-2.6/cset@4248d4019z8HvgrPAji51TKrWiV2uw?nav=index.html|src/|src/mm|related/mm/mprotect.c
>
>
> Cheers, Moritz
>
> _______________________________________________ Secure-testing-team
> mailing list Secure-testing-team at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDRTQT9n4qXRzy1ioRAoKRAJsGUSRaKIlxe6VVzEJquG7WktwGhgCglpe9
f6eFq6/pL8jWckbN5BIcyVY=
=2dBi
-----END PGP SIGNATURE-----
More information about the Secure-testing-team
mailing list