Bug#420875: Linux Kernel NULL Pointer Dereferences and Security Bypass

To: <schoenfeld@in-medias-res.com>
Cc: 420875@bugs.debian.org, control@bugs.debian.org
Subject: Bug#420875: Linux Kernel NULL Pointer Dereferences and Security Bypass
From: Florian Weimer <fw@deneb.enyo.de>
Date: Wed, 25 Apr 2007 15:35:22 +0200
Message-id: <[🔎] 874pn41hwb.fsf@mid.deneb.enyo.de>
Reply-to: Florian Weimer <fw@deneb.enyo.de>, 420875@bugs.debian.org
In-reply-to: <462F052C.30608@in-medias-res.com> (schönfel's message of "Wed, 25 Apr 2007 09:37:16 +0200")
References: <462F052C.30608@in-medias-res.com>

severity 420875 grave
thanks

> According to debsecan and current CVEs is Debian vulnerable to
> CVE-2007-1734. Because this is remote exploitable i set the priority of
> this bug report to critical.

Huh? CVE-2007-1734 is only locally exploitable according to the
published sources.

The text you quoted applies to CVE-2007-1497, which does not allow
privilege escalaton on the machine itself.

Reply to:

Follow-Ups:
- Processed: Re: Bug#420875: Linux Kernel NULL Pointer Dereferences and Security Bypass
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Processed: Re: Bug#420875: Linux Kernel NULL Pointer Dereferences and Security Bypass
Next by Date: Bug#420998: linux-image-2.6-amd64: Depends on version of linux-image no longer in archive
Previous by thread: Bug#410853: linux-2.6: please add support for armel architecture
Next by thread: Processed: Re: Bug#420875: Linux Kernel NULL Pointer Dereferences and Security Bypass
Index(es):
- Date
- Thread