Re: CVE-2005-2709 - Another local DoS in the kernel
Sven Luther <sven.luther@wanadoo.fr> wrote:
> On Wed, Nov 09, 2005 at 02:48:10PM +0100, Moritz Muehlenhoff wrote:
>> Hi Horms and the rest of debian-kernel,
>> Al Viro has found another local DoS vulnerability in the kernel; one
>> can trigger an oops in sysctl. The fix is the only code change in
>> 2.6.14.1 and has been assigned CVE-2005-2709.
>
> Sadly, Manoj uploaded an untried kernel-package version to unstable, which
> broke kernel builds, this is currently being worked on, but at this time there
> has not been a confirmed fix yet, so it is not possible to upload packages
> containign 2.6.14.1 which fix this CVE and was mentioned here a coupe of hours
> ago. The patches are already in our SVN repo though, so you could try building
> them yourself with the older kernel-package, or wait a bit.
I think that the kernel-package problems have advanced this afternoon,
I put in one or two changes into trunk/linux-2.6. I haven't checked
the results of a build, but I encourage others to do so.
--
Horms
Reply to: