Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=102773747e40c717b03c1c8147450766d84786e7
commit 102773747e40c717b03c1c8147450766d84786e7 Author: Miklos Vajna <[email protected]> Date: Fri Aug 14 14:49:29 2009 +0200 FSA616-kernel diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index 065d139..51f58a1 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -26,6 +26,18 @@ <fsas> <fsa> + <id>616</id> + <date>2009-08-14</date> + <author>Miklos Vajna</author> + <package>kernel</package> + <vulnerable>2.6.28-6anacreon2</vulnerable> + <unaffected>2.6.28-6anacreon3</unaffected> + <bts>http://bugs.frugalware.org/task/3907</bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692</cve> + <desc>A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. + The vulnerability is caused due to the incorrect initialisation of the proto_ops structure for certain protocols (e.g. PF_APPLETALK, PF_IPX, PF_IRDA, PF_X25, PF_AX25 families, PF_BLUETOOTH, PF_IUCV, PF_INET6 (with IPPROTO_SCTP), PF_PPPOX, and PF_ISDN), which can be exploited to cause a NULL pointer dereference when triggering the "sock_sendpage()" function for an incorrectly initialised socket.</desc> + </fsa> + <fsa> <id>615</id> <date>2009-08-14</date> <author>Miklos Vajna</author> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
