[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] kernel: CVE-2011-2482/2519
From: Eugene Teo <eugene () redhat ! com>
Date: 2011-08-30 4:03:03
Message-ID: 4E5C60F7.8060602 () redhat ! com
[Download RAW message or body]
CVE-2011-2482 sctp DoS
This does not affect the upstream kernel. Our kernel left out a chunk of
upstream ea2bc483ff5 that was not needed at the time of the backport,
but was later required for a feature that we introduced in the kernel.
https://bugzilla.redhat.com/CVE-2011-2482
http://git.kernel.org/linus/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d
CVE-2011-2519 xen: x86_emulate: fix SAHF emulation
This has been addressed in the upstream xen implementation. The patched
code would cause a hypervisor crash due to dereferencing a bogus address
(in the first 4 MBs of address space, as EFLAGS bits above bit 21 are
always 0, but more likely in the first page).
http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644
https://bugzilla.redhat.com/CVE-2011-2519
Thanks, Eugene
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic