blob: 6ad4dddd8963d907a19aec98710810629db93188 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
Candidate: CVE-2003-0246
References:
REDHAT:RHSA-2003:172
URL:http://www.redhat.com/support/errata/RHSA-2003-172.html
REDHAT:RHSA-2003:147
URL:http://www.redhat.com/support/errata/RHSA-2003-147.html
ENGARDE:ESA-20030515-017
URL:http://marc.theaimsgroup.com/?l=bugtraq&m=105301461726555&w=2
DEBIAN:DSA-311
URL:http://www.debian.org/security/2003/dsa-311
DEBIAN:DSA-312
URL:http://www.debian.org/security/2003/dsa-312
DEBIAN:DSA-332
URL:http://www.debian.org/security/2003/dsa-332
DEBIAN:DSA-336
URL:http://www.debian.org/security/2003/dsa-336
DEBIAN:DSA-442
URL:http://www.debian.org/security/2004/dsa-442
MANDRAKE:MDKSA-2003:066
URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:066
MANDRAKE:MDKSA-2003:074
URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:074
TURBO:TLSA-2003-41
URL:http://www.turbolinux.com/security/TLSA-2003-41.txt
VULNWATCH:20030520 Linux 2.4 kernel ioperm vuln
URL:http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0076.html
OVAL:OVAL278
URL:http://oval.mitre.org/oval/definitions/data/oval278.html
Description:
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly
restrict privileges, which allows local users to gain read or write access to
certain I/O ports.
Notes:
It looks like the patch originally included in woody was just a one line
change; whereas there were two larger patches that went upstream. I'm
moving our trees forward to the upstream one.
.
Patch is x86 only.
Bugs:
upstream: released (2.4.21-rc4)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody3)
2.4.18-woody-security: pending (2.4.18-14.5)
2.4.17-woody-security: released (2.4.17-1woody4)
2.4.16-woody-security: released (2.4.16-1woody3)
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: released (011226.14.1)
2.4.18-woody-security-hppa: N/A
|