On Tue, Oct 11, 2005 at 10:30:42PM +0200, Moritz Muehlenhoff wrote:
> Horms wrote:
> > > I found three more security related reports/patches on linux-kernel.
> >
> > As mentioned elsewhere, the first (request_key_auth memleak) is
> > CAN-2005-3119.
> > Can we get CAN numbers for the other two?
>
> Here they are:

Thanks, I'll get them into svn and my patch_notes space ASAP.

> > > From: Dave Jones <[EMAIL PROTECTED]>
> > >
> > > Please consider for next 2.6.13, it is a minor security issue allowing
> > > users to turn on drm debugging when they shouldn't...
>
> ======================================================
> Candidate: CAN-2005-3179
> URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3179
> Reference: CONFIRM:http://www.kernel.org/hg/linux-2.6/?cmd=changeset;node=d7067d7d1f92cba14963a430cfbd53098cbbc8fd
> Reference: CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=107893
>
> drm.c in Linux kernel 2.6.13 and earlier creates a debug file in sysfs
> with world-readable and world-writable permissions, which allows local
> users to enable DRM debugging and obtain sensitive information.
>
> > > From: Pavel Roskin <[EMAIL PROTECTED]>
> > >
> > > The orinoco driver can send uninitialized data exposing random pieces of
> > > the system memory. This happens because data is not padded with zeroes
> > > when its length needs to be increased.
>
> ======================================================
> Candidate: CAN-2005-3180
> URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3180
> Reference: CONFIRM:http://www.kernel.org/hg/linux-2.6/?cmd=changeset;node=feecb2ffde28639e60ede769c6f817dc536c677b
>
> The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does
> not properly clear memory from a previously used packet whose length
> is increased, which allows remote attackers to obtain sensitive
> information.

--
Horms
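
The failure mode described above for the orinoco driver (a packet whose length is increased without zeroing the added bytes), as an added C sketch that is not the driver's code and not part of the original message. The reused buffer, the 60-byte minimum length, the sample payloads and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MIN_FRAME_LEN 60   /* assumed minimum on-wire length for this sketch */
#define BUF_LEN 128        /* callers keep len <= BUF_LEN */

/* Vulnerable form: the length is raised to the minimum, but the bytes
 * between len and MIN_FRAME_LEN keep whatever the previous packet left. */
static size_t fill_frame_unpadded(unsigned char *buf, const void *data, size_t len)
{
    memcpy(buf, data, len);
    return len < MIN_FRAME_LEN ? MIN_FRAME_LEN : len;
}

/* Hardened form: zero the gap before the length is extended. */
static size_t fill_frame_zero_padded(unsigned char *buf, const void *data, size_t len)
{
    memcpy(buf, data, len);
    if (len < MIN_FRAME_LEN) {
        memset(buf + len, 0, MIN_FRAME_LEN - len);
        len = MIN_FRAME_LEN;
    }
    return len;
}

/* Count non-zero bytes in [payload_len, wire_len): stale data that would be sent. */
static size_t stale_bytes(const unsigned char *buf, size_t payload_len, size_t wire_len)
{
    size_t i, n = 0;
    for (i = payload_len; i < wire_len; i++)
        n += (buf[i] != 0);
    return n;
}

/* Constructed scenario: a long packet, then a short one in the same buffer. */
static size_t leak_after_reuse(int zero_pad)
{
    unsigned char buf[BUF_LEN];
    static const char prev[] = "constructed previous packet: session-token=EXAMPLE-ONLY-0123456789";
    static const char next[] = "ping";
    size_t wire;

    memset(buf, 0, sizeof buf);
    fill_frame_unpadded(buf, prev, sizeof prev - 1);
    wire = zero_pad ? fill_frame_zero_padded(buf, next, sizeof next - 1)
                    : fill_frame_unpadded(buf, next, sizeof next - 1);
    return stale_bytes(buf, sizeof next - 1, wire);
}

int main(void) { printf("%zu %zu\n", leak_after_reuse(0), leak_after_reuse(1)); return 0; }
```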

