[VIM] Clarification on affected Linux kernel versions - CVE-2006-4535
Steven M. Christey
coley at linus.mitre.org
Wed Sep 20 14:45:28 EDT 2006
More precisely: this issue is a vulnerability in a patch. The patch had
been back-ported to some older kernel versions in some distros, so those
distros have to go and fix the patch, even though it didn't appear in
those older versions of the kernel.org kernel. I hope you got it, 'cause
I'm still not sure I do ;-)
On Wed, 20 Sep 2006, Steven M. Christey wrote:
> See analysis. The original CVE analyst inferred the affected kernel
> versions from the Ubuntu advisory, but turns out this was incorrect.
> - Steve
> Name: CVE-2006-4535
> Status: Candidate
> URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4535
> Acknowledged: yes advisory
> Announced: 20060918
> Flaw: other
> Reference: MISC:http://email@example.com/msg02314.html
> Reference: MISC:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204460
> Reference: UBUNTU:USN-347-1
> Reference: URL:http://www.ubuntu.com/usn/usn-347-1
> Reference: BID:20087
> Reference: URL:http://www.securityfocus.com/bid/20087
> The Linux kernel 18.104.22.168 and 22.214.171.124 and 2.6.18-rc5 allows local
> users to cause a denial of service (crash) via an SCTP socket with a
> certain SO_LINGER value, possibly related to the patch for
> CVE-2006-3745. NOTE: other kernel versions for specific distributions
> might also be affected.
> ACCURACY: Marcel Holtmann of Red Hat notified CVE on 20060910 that the
> only affected versions were 126.96.36.199, 188.8.131.52, and 2.6.18-rc5.
> This is inconsistent with Ubuntu's patches for some kernel versions up
> to 2.6.15, but it's possible that the original CVE-2006-3745 patch was
> ported to older versions.
> ACCURACY: Comments from the SVN changelog/diff reveal that this
> problem was introduced with the patch for CVE-2006-3745:
> "sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from
> sctp-priv-elevation.dpatch / See CVE-2006-4535"
More information about the VIM