Bug#302704: CAN-2005-0750: Possible local root exploit through insufficient range checking in af_bluetooth

To: Moritz Muehlenhoff <jmm@inutil.org>, 302704@bugs.debian.org
Cc: Debian Bug Tracking System <control@bugs.debian.org>
Subject: Bug#302704: CAN-2005-0750: Possible local root exploit through insufficient range checking in af_bluetooth
From: Horms <horms@debian.org>
Date: Mon, 4 Apr 2005 11:04:40 +0900
Message-id: <[🔎] 20050404020439.GE11182@verge.net.au>
Reply-to: Horms <horms@debian.org>, 302704@bugs.debian.org
In-reply-to: <[🔎] E1DHi9M-0004F8-Ui@localhost.localdomain>
References: <[🔎] E1DHi9M-0004F8-Ui@localhost.localdomain>

tag 302704 +pending
thanks

On Sat, Apr 02, 2005 at 02:54:52PM +0200, Moritz Muehlenhoff wrote:
> Package: kernel-source-2.4.27
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> CAN-2005-0750: Insufficient range checking in af_bluetooth allows local root exploit.
> 
> This is the full advisory:
> http://lists.grok.org.uk/pipermail/full-disclosure/ attachments/20050327/3f128a09/adv1.pdf
> 
> This has been fixed in 2.4.30rc3, a fix is available in Bitkeeper:
> http://linux.bkbits.net:8080/linux-2.4/gnupatch@4244717faf_jG6n164uKBvLcVKTAtw

Thanks, I have this fix in SVN.

-- 
Horms

Reply to:

Follow-Ups:
- Processed: Re: Bug#302704: CAN-2005-0750: Possible local root exploit through insufficient range checking in af_bluetooth
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

References:
- Bug#302704: CAN-2005-0750: Possible local root exploit through insufficient range checking in af_bluetooth
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Bug#302705: CAN-2005-0749: Potential DOS in elf_load_library()
Next by Date: Bug#294867: base: de4x5.ko generates endless loop of errors with phobos p430tx
Previous by thread: Bug#302704: CAN-2005-0750: Possible local root exploit through insufficient range checking in af_bluetooth
Next by thread: Processed: Re: Bug#302704: CAN-2005-0750: Possible local root exploit through insufficient range checking in af_bluetooth
Index(es):
- Date
- Thread