Ubuntu
linux-source-2.6.22 package

  1. Bug #190587
  2. Comment #89

Comment 89 for bug 190587

Revision history for this message
In , mjc (mjc-redhat-bugs) wrote :

Note that there may be a little confusion as there are actually three vmsplice
issues:

CVE-2008-0009 is already fixed upstream, does not affect any RHEL, has no
public exploit. Upstream patch is the second hunk of:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8811930dc74a503415b35c4a79d14fb0b408a361

CVE-2008-0010 is already fixed upstream, does not affect any RHEL, but has
a public exploit. ( http://www.milw0rm.com/exploits/5093 )
Upstream patch is the first hunk of:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8811930dc74a503415b35c4a79d14fb0b408a361

CVE-2008-0600 is not yet fixed upstream, affects RHEL5,
and has a public exploit ( http://www.milw0rm.com/exploits/5092 )