'Re: [oss-security] CVE requests - kernel security regressions for'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE requests - kernel security regressions for
From:       "Steven M. Christey" <coley () linus ! mitre ! org>
Date:       2009-12-31 19:37:22
Message-ID: Pine.GSO.4.64.0912311436300.18891 () faron ! mitre ! org
[Download RAW message or body]


>>> Issue #1
>>> Fabian claimed that CVE-2009-1385 has an incorrect fix:
>>> http://git.kernel.org/linus/ea30e11970a96cfe5e32c03a29332554573b4a10.
>> [...]

Use CVE-2009-4536


>>> Issue #2
>>> The fix for CVE-2009-1389 regarding the r8169 driver introduces a
>>> similar security problem as this:
>>> http://git.kernel.org/linus/fdd7b4c3302c93f6833e338903ea77245eb510b4 is
>>> a revert of this:
>>> http://git.kernel.org/linus/126fa4b9ca5d9d7cb7d46f779ad3bd3631ca387c.
>>
>> Patches update can be found here:
>> https://bugzilla.redhat.com/show_bug.cgi?id=550907#c4

Use CVE-2009-4537


> Issue #3
> I noticed that the e1000e driver also needs a similar fix as issue #1.
> https://bugzilla.redhat.com/show_bug.cgi?id=551214

Use CVE-2009-4538


- Steve
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic