[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#287770: marked as done (CAN-2004-1137: allow a local user to cause a denial of service)

Your message dated Thu, 6 Jan 2005 17:48:27 +0900
with message-id <20050106084827.GG8795@verge.net.au>
and subject line Bug#287770: CAN-2004-1137: allow a local user to cause a denial of service
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 29 Dec 2004 23:01:30 +0000
>From faj@bzz.no Wed Dec 29 15:01:30 2004
Return-path: <faj@bzz.no>
Received: from gateway.bzzware.org [212.125.240.90] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1Cjmos-00015E-00; Wed, 29 Dec 2004 15:01:30 -0800
Received: from fajx300.home.bzzware.org ([10.54.39.3] helo=fajx300.bzzware.org)
	by gateway.bzzware.org with esmtp (Exim 3.35 #1 (Debian))
	id 1Cjmny-0002i2-00; Thu, 30 Dec 2004 00:00:34 +0100
Received: from finnarne by fajx300.bzzware.org with local (Exim 4.34)
	id 1Cjmo0-0007bv-EF; Thu, 30 Dec 2004 00:00:36 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Finn-Arne Johansen <faj@bzz.no>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CAN-2004-1137: allow a local user to cause a denial of service
X-Mailer: reportbug 3.2
Date: Thu, 30 Dec 2004 00:00:36 +0100
Message-Id: <E1Cjmo0-0007bv-EF@fajx300.bzzware.org>
Sender: Finn-Arne Johansen <faj@bzz.no>
X-MailScanner: Found to be clean
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: kernel-image-2.4.27-i386
Severity: normal

Petter Reinholdsen (pere) forwarded some issues regarding the
RHEL kernels, and I've found that at least 2 of them affects
kernel-image-2.4.27-i386

> ISEC security research discovered multiple vulnerabilities in the IGMP
> functionality which was backported in the Red Hat Enterprise Linux 3
> kernels. These flaws could allow a local user to cause a denial of
> service (crash) or potentially gain privileges. Where multicast
> applications are being used on a system, these flaws may also allow
> remote users to cause a denial of service. The Common Vulnerabilities
> and Exposures project (cve.mitre.org) has assigned the name
> CAN-2004-1137 to this issue.

This one also Hangs one cpu effectivly (I checked CAN-2004-1016 first)

---------------------------------------
Received: (at 287770-done) by bugs.debian.org; 6 Jan 2005 09:38:54 +0000
>From horms@koto.vergenet.net Thu Jan 06 01:38:54 2005
Return-path: <horms@koto.vergenet.net>
Received: from koto.vergenet.net [210.128.90.7] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1CmU6Y-0000yJ-00; Thu, 06 Jan 2005 01:38:54 -0800
Received: by koto.vergenet.net (Postfix, from userid 7100)
	id 3409F34089; Thu,  6 Jan 2005 18:20:40 +0900 (JST)
Date: Thu, 6 Jan 2005 17:48:27 +0900
From: Horms <horms@debian.org>
To: Finn-Arne Johansen <faj@bzz.no>, 287770-done@bugs.debian.org
Subject: Re: Bug#287770: CAN-2004-1137: allow a local user to cause a denial of service
Message-ID: <20050106084827.GG8795@verge.net.au>
References: <E1Cjmo0-0007bv-EF@fajx300.bzzware.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <E1Cjmo0-0007bv-EF@fajx300.bzzware.org>
X-Cluestick: seven
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: 287770-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

On Thu, Dec 30, 2004 at 12:00:36AM +0100, Finn-Arne Johansen wrote:
> Package: kernel-image-2.4.27-i386
> Severity: normal
> 
> Petter Reinholdsen (pere) forwarded some issues regarding the
> RHEL kernels, and I've found that at least 2 of them affects
> kernel-image-2.4.27-i386
> 
> > ISEC security research discovered multiple vulnerabilities in the IGMP
> > functionality which was backported in the Red Hat Enterprise Linux 3
> > kernels. These flaws could allow a local user to cause a denial of
> > service (crash) or potentially gain privileges. Where multicast
> > applications are being used on a system, these flaws may also allow
> > remote users to cause a denial of service. The Common Vulnerabilities
> > and Exposures project (cve.mitre.org) has assigned the name
> > CAN-2004-1137 to this issue.
> 
> This one also Hangs one cpu effectivly (I checked CAN-2004-1016 first)

Thanks, this has been fixed by the upload of kernel-source-2.4.27 2.4.27-7,
and the correspodning kernel-image-2.4.27-i386 2.4.27-7 package.

-- 
Horms
Reply to: