Re: Linux 2.6.16.16

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 13/05/06, Adrian Bunk <[email protected]> wrote:
The CVE should be enough for easily getting all information you
requested.

Information whether it's a DoS or a root exploit is helpful, but any
qualified person doing risk management will anyways lookup the CVE.

Well, yes, but some people do *actually* use the latest kernel at home
and not in labs (et al), and as Maciej asked, we are not sure whether
the (whatever) latest patch is needed or not on whatever our current
config is the way the latest stable fixes are announced.

"    [PATCH] fs/locks.c: Fix lease_init (CVE-2006-1860)

   It is insane to be giving lease_init() the task of freeing the lock it is
   supposed to initialise, given that the lock is not guaranteed to be
   allocated on the stack. This causes lockups in fcntl_setlease().
   Problem diagnosed by Daniel Hokka Zakrisson <[email protected]>

   Also fix a slab leak in __setlease() due to an uninitialised return value.
   Problem diagnosed by Bj�¶rn Steinbrink.
"

OK, great.  But what does it mean?

It would be nice to have a short explanation of what the fix is for in
real world terms.

Nick
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux