Rejected reason: Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names. NOTE: follow-on analysis by Linux developers states that There is no way for unprivileged users (or really even the root user) to add new clocksources.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux | Ubuntu | devel | * |
Linux-source | Ubuntu | upstream | * |
Linux-source-2.6.15 | Ubuntu | dapper | * |
Linux-source-2.6.17 | Ubuntu | edgy | * |
Linux-source-2.6.20 | Ubuntu | feisty | * |
Linux-source-2.6.22 | Ubuntu | gutsy | * |