Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 133024
Alias:
Product:
Component:
Status: RESOLVED
Resolution: DUPLICATE of bug 132855
Assigned To: Gentoo Linux bug wranglers <bug-wranglers@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Frederic Mangeant <frederic.mangeant@gmail.com>
Add CC:
CC:
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 133024 depends on: Show dependency tree
Bug 133024 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-05-11 08:05 0000 
Here's the announcement :
http://www.ussg.iu.edu/hypermail/linux/kernel/0605.1/0993.html

And the security advisory : http://www.frsirt.com/english/advisories/2006/1767

"Two vulnerabilities have been identified in Linux Kernel, which could be
exploited by local attackers to cause a denial of service or disclose sensitive
information.

The first issue is due to an error in the "lease_init()" [fs/locks.c] function
that incorrectly frees unallocated memory when handling an invalid "arg"
argument, which could be exploited by malicious users to crash a vulnerable
system.

The second issue is due to an uninitialised return value in "__setlease()",
which could cause a slab leak."

"Solution : Upgrade to Linux Kernel version 2.6.16.16"

------- Comment #1 From Jakub Moc (RETIRED) 2006-05-11 08:10:03 0000 ------- 

*** This bug has been marked as a duplicate of 132855 ***
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug