Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 54977

Summary: sys-kernel/* 2.4 information leak in e1000 driver
Product: Gentoo Security Reporter: Thierry Carrez (RETIRED) <koon>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: minor    
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535
Whiteboard: A4 [kernel]
Package list:
Runtime testing required: ---

Description Thierry Carrez (RETIRED) gentoo-dev 2004-06-24 01:26:02 UTC 
From the Mandrake advisory (http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:062):
 A vulnerability in the e1000 driver for the Linux kernel 2.4.26 and
 earlier was discovered by Chris Wright.  The e1000 driver does not
 properly reset memory or restrict the maximum length of a data
 structure, which can allow a local user to read portions of kernel
 memory (CAN-2004-0535).
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2004-06-25 15:17:06 UTC 
Merging into #54976...

*** This bug has been marked as a duplicate of 54976 ***