commit b6542acb6d675b41f4a96576cae4f88fd1bc8c47 Author: Chris Wright Date: Thu Jun 7 14:23:23 2007 -0700 Linux 2.6.20.13 commit 13ad357c616a85828fa224c0876a393d1dd6f59f Author: Patrick McHardy Date: Tue Jun 5 14:14:22 2007 +0200 [PATCH] NETFILTER: {ip, nf}_conntrack_sctp: fix remotely triggerable NULL ptr dereference (CVE-2007-2876) When creating a new connection by sending an unknown chunk type, we don't transition to a valid state, causing a NULL pointer dereference in sctp_packet when accessing sctp_timeouts[SCTP_CONNTRACK_NONE]. Fix by don't creating new conntrack entry if initial state is invalid. Noticed by Vilmos Nebehaj CC: Kiran Kumar Immidi Cc: David Miller Signed-off-by: Patrick McHardy Signed-off-by: Greg Kroah-Hartman Signed-off-by: Chris Wright commit 6a5357887e4ebfd9c0f472cffc58bcdf426f4cad Author: Chris Wright Date: Thu Jun 7 14:23:05 2007 -0700 [PATCH] cpuset: prevent information leak in cpuset_tasks_read (CVE-2007-2875) Use simple_read_from_buffer to avoid possible underflow in cpuset_tasks_read which could allow user to read kernel memory. Note: This is fixed upstream in 85badbdf5120d246ce2bb3f1a7689a805f9c9006 Signed-off-by: Chris Wright commit f5939fcd7378c7a26cc8101dff373c90d269d769 Author: Matt Mackall Date: Tue May 29 21:58:10 2007 -0500 [PATCH] random: fix seeding with zero entropy (CVE-2007-2453 2 of 2) Add data from zero-entropy random_writes directly to output pools to avoid accounting difficulties on machines without entropy sources. Tested on lguest with all entropy sources disabled. Signed-off-by: Matt Mackall Acked-by: "Theodore Ts'o" Signed-off-by: Linus Torvalds Signed-off-by: Chris Wright commit 54bb290bb2bad45d45cae1399181a233ffbc487b Author: Matt Mackall Date: Tue May 29 21:54:27 2007 -0500 [PATCH] random: fix error in entropy extraction (CVE-2007-2453 1 of 2) Fix cast error in entropy extraction. Add comments explaining the magic 16. Remove extra confusing loop variable. Signed-off-by: Matt Mackall Acked-by: "Theodore Ts'o" Signed-off-by: Linus Torvalds Signed-off-by: Chris Wright