|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2004-0496: kernel: root hole in airo driver | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Andreas Kleen <ak> |
| Component: | Incidents | Assignee: | Thomas Biege <thomas> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Blocker | ||
| Priority: | P3 - Medium | CC: | security-team |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | CVE-2004-0496: CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) | ||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: | patch to fix the hole | ||
|
Description
Andreas Kleen
2004-06-16 20:48:02 UTC
Created attachment 21268 [details]
patch to fix the hole
Patch applied to CVS head. And copied ovwer to SLES9_GA_BRANCH. <!-- SBZ_reopen -->Reopened by ak@suse.de at Thu Jun 17 02:37:02 2004 Older maintained trees need to be checked too Retarget to SLES8 for now quote: CAN-2004-0495: Flaws in the Linux 2.4 and 2.6 kernel decnet, mpu401, pss, airo, msnd, and asus_pci drivers which can lead to information leaks, DoS, or privilege escalation. (so use CAN-2004-0495 for the patch Al Viro posted earlier if you're fixing your 2.4 kernels) CAN-2004-0496: Flaws in the Linux 2.6 kernel various drivers which can lead to information leaks, DoS, or privilege escalation, in addition to those in CAN-2004-0495. (so use CAN-2004-0495 and CAN-2004-0496 if you're fixing your 2.6 kernels with the big overall initial Al Viro patch). Fixes are in all maintained trees. Packages are waiting for check in. packages approved CVE-2004-0496: CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) |