commit 23dc44dc00680dc1aee65e40178a3f2cd768f775
Author: Miklos Vajna <>
Date:   Tue May 4 13:06:41 2010 +0200


diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index a7bbd02..969a6c7 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -26,6 +26,22 @@

+               <id>668</id>
+               <date>2010-04-27</date>
+               <author>Miklos Vajna</author>
+               <package>kernel</package>
+               <vulnerable>2.6.32-4locris1</vulnerable>
+               <unaffected>2.6.32-4locris2</unaffected>
+               <bts></bts>
+               <cve>
+              </cve>
+               <desc>Three vulnerabilities have been reported in the Linux 
Kernel, which can be exploited by malicious, local users to cause a DoS (Denial 
of Service).
+                       1) A vulnerability is caused due to a NULL-pointer 
dereference error within the "cifs_create()" function in fs/cifs/dir.c. This 
can be exploited to cause a crash when a file without an associated "nameidata" 
structure is created.
+                       2) There was a check for mandatory locking where the 
GFS/GFS2 locking code skipped the lock in case sgid bits are set for the file. 
This can be triggered to cause a crash on a system mounting a GFS/GFS2 
+                       3) The vulnerability is caused due to a memory leak 
within the "release_one_tty()" function in drivers/char/tty_io.c, which can be 
exploited to e.g. cause a DoS due to memory exhaustion.</desc>
+       </fsa>
+       <fsa>
<author>Miklos Vajna</author>
Frugalware-git mailing list

Reply via email to