Contents of /retired/CVE-2006-1066

Candidate: CVE-2006-1066
References: 
Description: 2.6.8 ia64 kernel w/ PREEMPT enabled permits local DoS (oops)
Notes: 
 From:  dann frazier <dannf@dannf.org>
 To:    team@security.debian.org
 Subject:       kernel-image-2.6.8-ia64 - disable preempt
 Date:  Fri, 25 Mar 2005 18:57:59 -0700
 .
 hey security team,
   Its likely that kernel-image-2.6.8-ia64 (2.6.8-12) will be the version
 that ships in sarge.  This kernel has CONFIG_PREEMPT enabled, which has
 at least one known issue in ptrace code that lets an unpriveleged
 userspace process trigger an oops.  This issue went away upstream by
 2.6.9, but its unclear what actually fixed it.  SuSE/RedHat disable
 PREEMPT for ia64 (or so I'm told), so they are not affected.  This same
 test case does _not_ fail on x86, which also has PREEMPT enabled for
 sarge.
 .
   This issue has been known for a while, but I waited until after d-i
 RC3 to upload it, since it changes the ABI.  This fix is in the 2.6.8-13
 build in unstable, but the release team is blocking this kernel from
 normal sarge propagation to keep the kernel udebs in sync.
 .
 .
 dannf> This is only a config change, so it requires no changes to
 dannf> kernel-source-2.6.8, but I'll use the kernel-source version
 dannf> for the pending/released tags to match the others.
Bugs: 
upstream: 
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sarge-security: N/A
2.6.8: needed
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A
1	micah	380	Candidate: CVE-2006-1066
2	dannf	55	References:
3	micah	380	Description: 2.6.8 ia64 kernel w/ PREEMPT enabled permits local DoS (oops)
4	dannf	73	Notes:
5	dannf	72	From: dann frazier <dannf@dannf.org>
6			To: team@security.debian.org
7			Subject: kernel-image-2.6.8-ia64 - disable preempt
8			Date: Fri, 25 Mar 2005 18:57:59 -0700
9			.
10			hey security team,
11			Its likely that kernel-image-2.6.8-ia64 (2.6.8-12) will be the version
12			that ships in sarge. This kernel has CONFIG_PREEMPT enabled, which has
13			at least one known issue in ptrace code that lets an unpriveleged
14			userspace process trigger an oops. This issue went away upstream by
15			2.6.9, but its unclear what actually fixed it. SuSE/RedHat disable
16			PREEMPT for ia64 (or so I'm told), so they are not affected. This same
17			test case does _not_ fail on x86, which also has PREEMPT enabled for
18			sarge.
19			.
20			This issue has been known for a while, but I waited until after d-i
21			RC3 to upload it, since it changes the ABI. This fix is in the 2.6.8-13
22			build in unstable, but the release team is blocking this kernel from
23			normal sarge propagation to keep the kernel udebs in sync.
24	micah	380	.
25			.
26			dannf> This is only a config change, so it requires no changes to
27			dannf> kernel-source-2.6.8, but I'll use the kernel-source version
28			dannf> for the pending/released tags to match the others.
29	dannf	55	Bugs:
30			upstream:
31	micah	380	linux-2.6: N/A
32	dannf	392	2.6.8-sarge-security: released (2.6.8-16sarge2)
33	dannf	72	2.4.27-sarge-security: N/A
34			2.6.8: needed
35			2.4.19-woody-security: N/A
36			2.4.18-woody-security: N/A
37			2.4.17-woody-security: N/A
38			2.4.16-woody-security: N/A
39			2.4.17-woody-security-hppa: N/A
40			2.4.17-woody-security-ia64: N/A