Bug 119561

Summary:	Kernel: buffer overflow in TwinHan DST DVB driver (CVE-2005-4639)
Product:	Gentoo Security	Reporter:	Thierry Carrez (RETIRED) <koon>
Component:	Kernel	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	gimli, johnm, kang, kfm, kumba, security-kernel
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:	[linux < 2.6.15]
Package list:		Runtime testing required:	---

Description Thierry Carrez (RETIRED) gentoo-dev

2006-01-19 08:43:00 UTC

Perceval Anichini found a buffer overflow in the TwinHan DST
Frontend/Card DVB driver. A local user could exploit this to crash the
kernel or possibly execute arbitrary code with full kernel privileges (CVE-2005-4639)

Comment 1 Tim Yamin (RETIRED) gentoo-dev

2006-01-22 16:09:14 UTC

Patch: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=5c15c0b4fa850543b8ccfcf93686d24456cc384d

Comment 2 Tim Yamin (RETIRED) gentoo-dev

2006-01-22 16:17:54 UTC

CCing maintainers:

hardened-sources: hardened herd, kerframil, johnm
mips-sources: Kumba (this probably might not affect MIPS)
rsbac-sources: kang
xbox-sources: gimli

Comment 3 kfm 2006-02-01 10:29:54 UTC

Fixed in hardened-sources-2.6.14-r5 and genpatches-2.6.14-10.

Comment 4 Tim Yamin (RETIRED) gentoo-dev

2006-04-20 10:55:58 UTC

All fixed now, thanks!