List:       oss-security
Subject:    [oss-security] kernel: CVE-2011-2482/2519
From:       Eugene Teo <eugene () redhat ! com>
Date:       2011-08-30 4:03:03
Message-ID: 4E5C60F7.8060602 () redhat ! com

CVE-2011-2482 sctp DoS
This does not affect the upstream kernel. Our kernel left out a chunk of
upstream ea2bc483ff5 that was not needed at the time of the backport,
but was later required for a feature that we introduced in the kernel.

https://bugzilla.redhat.com/CVE-2011-2482
http://git.kernel.org/linus/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d

CVE-2011-2519 xen: x86_emulate: fix SAHF emulation
This has been addressed in the upstream xen implementation. The patched
code would cause a hypervisor crash due to dereferencing a bogus address
(in the first 4 MBs of address space, as EFLAGS bits above bit 21 are
always 0, but more likely in the first page).

http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644
https://bugzilla.redhat.com/CVE-2011-2519

Thanks, Eugene