oss-sec mailing list archives
kernel: CVE-2011-2482/2519
From: Eugene Teo <eugene () redhat com>
Date: Tue, 30 Aug 2011 12:03:03 +0800
CVE-2011-2482 sctp DoS This does not affect the upstream kernel. Our kernel left out a chunk of upstream ea2bc483ff5 that was not needed at the time of the backport, but was later required for a feature that we introduced in the kernel. https://bugzilla.redhat.com/CVE-2011-2482 http://git.kernel.org/linus/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d CVE-2011-2519 xen: x86_emulate: fix SAHF emulation This has been addressed in the upstream xen implementation. The patched code would cause a hypervisor crash due to dereferencing a bogus address (in the first 4 MBs of address space, as EFLAGS bits above bit 21 are always 0, but more likely in the first page). http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644 https://bugzilla.redhat.com/CVE-2011-2519 Thanks, Eugene
Current thread:
- kernel: CVE-2011-2482/2519 Eugene Teo (Aug 29)