Package: linux-2.6 Severity: normal Tags: upstream security
>From CAN-2005-3055: Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3055 [2] http://marc.theaimsgroup.com/?l=linux-kernel&m=112766129313883 [3] http://lkml.org/lkml/2005/9/30/218 I believe that the 2.6.12 and 2.6.13 kernels have this problem. 2.6.8 and 2.4.27 do not seem to have it as the driver is missing. Upstream do not seem to have a solution (See [3] above) yet, but I expect it will show up in 2.6-stable when they do. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-1-686-smp Locale: LANG=ja_JP.eucJP, LC_CTYPE=ja_JP.eucJP (charmap=EUC-JP) (ignored: LC_ALL set to ja_JP.eucJP) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
