Re: [Secure-testing-team] Re: Bug#322273: [CAN-2005-2456]: XFRM array index buffer overflow
> As for which package to log a bug against, or cretion of duplicate bugs.
> To be honest it doesn't matter. If you email
> email@example.com, then you should get a response,
> regardless of if you open a bug in the BTS or not.
> CCing firstname.lastname@example.org if its a bug testing
> and email@example.com if its a bug instable is also a good idea.
> When we find problems, we just fix them. The BTS is really a bit to
> noisy for us to use it to track bugs effectively. Obviously this
> is a bit of a problem, but what I am trying to say is adding a bug
> to the BTS just emails debian-kernel anyway, and security bugs
> sent there are acted on. So my my advice is tho email the addresses
> above, and if you want to open a bug, just open it against any
> of the above packages that have the vulnerability.
there has been a CVE assignment for an overflow in xdr.c, which can be
exploited by crafted data in the nfsacl protocol: CAN-2005-2500
Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2500
for some links to patches. I suspect it is already fixed in kernel-2.6,
but 2.6.8 and 2.4.27 might need backports.