Finalmente è uscita la nuova versione del kernel 2.6.23.8

wait_task_stopped: Check p->exit_state instead of TASK_TRACED (CVE-2007-5500)

   patch a3474224e6a01924be40a8255636ea5522c1023a in mainline

   The original meaning of the old test (p->state > TASK_STOPPED) was
   "not dead", since it was before TASK_TRACED existed and before the
   state/exit_state split.  It was a wrong correction in commit
   14bf01bb0599c89fc7f426d20353b76e12555308 to make this test for
   TASK_TRACED instead.  It should have been changed when TASK_TRACED
   was introducted and again when exit_state was introduced.

   TCP: Make sure write_queue_from does not begin with NULL ptr (CVE-2007-5501)

   patch 96a2d41a3e495734b63bff4e5dd0112741b93b38 in mainline.

   NULL ptr can be returned from tcp_write_queue_head to cached_skb
   and then assigned to skb if packets_out was zero. Without this,
   system is vulnerable to a carefully crafted ACKs which obviously
   is remotely triggerable.

   Besides, there's very little that needs to be done in sacktag
   if there weren't any packets outstanding, just skipping the rest
   doesn't hurt.

Download

Segnala presso: