CVE-2004-2135 and CVE-2004-2136

From: Michael Gilbert
Date: Wed Dec 02 2009 - 09:40:17 EST

Next message: Ingo Molnar: "Re: [tip:perf/core] tracing: Add DEFINE_EVENT(),DEFINE_SINGLE_EVENT() support to docbook"
Previous message: Vivek Goyal: "Re: [PATCH 4/4] cfq-iosched: fix corner cases in idling logic"
Next in thread: Michael Gilbert: "Re: CVE-2004-2135 and CVE-2004-2136"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

CVE-2004-2135 [0] and CVE-2004-2136 [1] were disclosed over five years
ago; however, i have been unable to verify whether they have been fixed
or not in the latest kernels. The paper [2] indicates that the
disclosing team developed a 3,000 line patch, but I have been unable to
track this down to determine whether or not it has been applied. There
is also this more current write-up [3], which is rather revealing. Have
these issues slipped through the cracks? Thanks upfront for any info on
the matter.

Best wishes,
Mike

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2135
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2136
[2] http://mareichelt.de/pub/notmine/diskenc.pdf
[3] http://mareichelt.de/pub/texts.cryptoloop.php?alt_styles=2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [tip:perf/core] tracing: Add DEFINE_EVENT(),DEFINE_SINGLE_EVENT() support to docbook"
Previous message: Vivek Goyal: "Re: [PATCH 4/4] cfq-iosched: fix corner cases in idling logic"
Next in thread: Michael Gilbert: "Re: CVE-2004-2135 and CVE-2004-2136"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]