oss-sec mailing list archives
Re: CVE request: kernel: connector security bypass
From: Josh Bressers <bressers () redhat com>
Date: Thu, 1 Apr 2010 14:00:14 -0400 (EDT)
----- "dann frazier" <dannf () dannf org> wrote:
Debian provides an out-of-tree drbd module (drbd8), and it appears to be affected by this issue as well. I assume we need to allocate an additional CVE ID for it? Here's a link to the upstream fix: http://git.drbd.org/?p=drbd-8.3.git;a=commitdiff;h=71915b0d267392c77fe0ae2309535333026cef66 The in-tree version that got merged for 2.6.33 looks fine.
Please use CVE-2010-0747 for this module (drbd8). -- JB
Current thread:
- Re: CVE request: kernel: connector security bypass Josh Bressers (Apr 01)