On Wed, Mar 23, 2005 at 04:56:19PM +0900, Horms wrote: > On Thu, Mar 17, 2005 at 10:42:28PM -0600, Micah Anderson wrote: > > Package: kernel-source-2.6.8 > > Version: 2.6.8-14 > > Severity: normal > > Tags: security patch > > > > CAN-2004-1191 reads: > > > > Race condition ... when run on SMP systems that have more than 4GB of > > memory, could allow local users to read unauthorized memory from > > "foreign memory pages." Apparantly it also allows remote attackers to > > obtain sensitive information, caused by a vulnerability in the > > smb_recv_trans2 function, could also send a specially-crafted TRANS2 > > SMB packet to cause a kernel memory leak. > > FYI, this problem (or one that looks a lot like it) is also > present in 2.4.27 and I plan to include the following fixes > in kernel-source-2.4.27-9 > > http://linux.bkbits.net:8080/linux-2.4/[EMAIL PROTECTED] > http://linux.bkbits.net:8080/linux-2.4/[EMAIL PROTECTED]
Correction, these changes were included in kernel-source-2.4.27-6. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]