oss-sec mailing list archives
Re: CVE Request: kernel [Re: Security review of 2.6.32.28]
From: Josh Bressers <bressers () redhat com>
Date: Thu, 6 Jan 2011 14:13:16 -0500 (EST)
[03/49] fuse: verify ioctl retries Kernel buffer overflow, but only CUSE servers could exploit it and /dev/cuse is normally restricted to root.Upstream fix: http://git.kernel.org/linus/7572777eef78ebdee1ecb7c258c0ef94d35bad16 Introduced in 2.6.29.
Please use CVE-2010-4650
[16/49] IB/uverbs: Handle large number of entries in poll CQ Fixes integer overflow and information leak which I assume can be triggered by unprivileged local users.Sounds like it - Documentation/infiniband/user_verbs.txt says: "Since the InfiniBand userspace verbs should be safe for use by non-privileged processes, it may be useful to add an appropriate MODE or GROUP to the udev rule." Upstream fix: http://git.kernel.org/linus/7182afea8d1afd432a17c18162cc3fd441d0da93 Introduced in 2.6.15.
Please use CVE-2010-4649
[20/49] orinoco: fix TKIP countermeasure behaviour Fixes cryptographic weakness potentially leaking information to remote (but physically nearby) users.Upstream fix: http://git.kernel.org/linus/0a54917c3fc295cb61f3fb52373c173fd3b69f48 Introduced in 2.6.28.
Please use CVE-2010-4648.
[44/49] ima: fix add LSM rule bug Allows subversion of IMA. Not relevant to Debian kernel images since we don't build IMA.Upstream fix: http://git.kernel.org/linus/867c20265459d30a01b021a9c1e81fb4c5832aa9 Introoduced in 2.6.30.
Please use CVE-2011-0006 Thanks. -- JB
Current thread:
- CVE Request: kernel [Re: Security review of 2.6.32.28] dann frazier (Jan 06)
- Re: CVE Request: kernel [Re: Security review of 2.6.32.28] Josh Bressers (Jan 06)