Ubuntu
linux-source-2.6.15 package

[CVE-2007-6694] local DoS vulnerability on powerpc platform

  1. Dapper (6.06)
  2. Bug #227315
Bug #227315 reported by disabled.user
254
Affects Status Importance Assigned to Milestone
linux-source-2.6.15 (Ubuntu)
Fix Released
Undecided
Kees Cook
Dapper
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: linux-source-2.6.15

Quoting CVE-2007-6694:
"The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference. "

CVE References

Revision history for this message
Kees Cook (kees) wrote : Re: [Bug 227315] [NEW] [CVE-2007-6694] local DoS vulnerability on powerpc platform

This doesn't appear to actually be a security issue, but is getting
fixed shortly anyway since it has a nearly trivial solution.

Revision history for this message
disabled.user (disabled.user-deactivatedaccount) wrote :

I got this CVE from a recent DSA (http://www.debian.org/security/2008/dsa-1565) and thought I'd bring it up for Dapper's PowerPC branch.

Jamie Strandboge (jdstrand)
Changed in linux-source-2.6.15:
status: New → Invalid
assignee: nobody → kees
status: New → In Progress
Revision history for this message
Kees Cook (kees) wrote :

This was fixed: http://www.ubuntu.com/usn/usn-614-1

Changed in linux-source-2.6.15:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.