diff options
author | Micah Anderson <micah@debian.org> | 2008-10-13 17:33:23 +0000 |
---|---|---|
committer | Micah Anderson <micah@debian.org> | 2008-10-13 17:33:23 +0000 |
commit | 646257b0199ac6845c2104b4f4f3c9a2000f4af8 (patch) | |
tree | 88c82129907646116bc3085c1fcc80c3996473f6 /dsa-texts/2.6.18.dfsg.1-22etch3 | |
parent | 9acd0301f984f0bc74f218a6ad7e36a725a36464 (diff) |
replace repeated word, justify paragraphs
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1241 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/2.6.18.dfsg.1-22etch3')
-rw-r--r-- | dsa-texts/2.6.18.dfsg.1-22etch3 | 50 |
1 files changed, 26 insertions, 24 deletions
diff --git a/dsa-texts/2.6.18.dfsg.1-22etch3 b/dsa-texts/2.6.18.dfsg.1-22etch3 index 0e24f966..d347b3d5 100644 --- a/dsa-texts/2.6.18.dfsg.1-22etch3 +++ b/dsa-texts/2.6.18.dfsg.1-22etch3 @@ -11,52 +11,54 @@ Debian-specific: no CVE Id(s) : CVE-2007-6716 CVE-2008-1514 CVE-2008-3276 CVE-2008-3525 CVE-2008-3833 CVE-2008-4210 CVE-2008-4302 -Several vulnerabilities have been discovered in the Linux kernel that may -lead to a denial of service or privilege escalation. The Common Vulnerabilities -and Exposures project identifies the following problems: +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a denial of service or privilege escalation. The Common +Vulnerabilities and Exposures project identifies the following +problems: CVE-2007-6716 - Joe Jin reported a local denial of service vulnerability that allows - local users to trigger an oops due to an improperly initialized data - structure. + Joe Jin reported a local denial of service vulnerability that + allows system users to trigger an oops due to an improperly + initialized data structure. CVE-2008-1514 - Jan Kratochvil reported a denial of service vulnerability in the ptrace - interface for the s390 architecture. Local users can trigger an invalid - pointer dereference, leading to a system panic. + Jan Kratochvil reported a local denial of service vulnerability in + the ptrace interface for the s390 architecture. Local users can + trigger an invalid pointer dereference, leading to a system panic. CVE-2008-3276 Eugene Teo reported an integer overflow in the DCCP subsystem that - may allow remote attackers to cause a denial of service in the form - of a kernel panic. + may allow remote attackers to cause a denial of service in the + form of a kernel panic. CVE-2008-3525 - Eugene Teo reported a lack of capability checks in the kernel driver for - Granch SBNI12 leased line adapters (sbni), allowing local users to perform - privileged operations. + Eugene Teo reported a lack of capability checks in the kernel + driver for Granch SBNI12 leased line adapters (sbni), allowing + local users to perform privileged operations. CVE-2008-3833 - The S_ISUID/S_ISGID bits were not being cleared during an inode splice, - which, under certain conditions, can be exploited by local users to obtain - the privileges of a group for which they are not a member. Mark Fasheh - reported this issue. + The S_ISUID/S_ISGID bits were not being cleared during an inode + splice, which, under certain conditions, can be exploited by local + users to obtain the privileges of a group for which they are not a + member. Mark Fasheh reported this issue. CVE-2008-4210 - David Watson reported an issue in the open()/creat() system calls which, - under certain conditions, can be exploited by local users to obtain the - privileges of a group for which they are not a member. + David Watson reported an issue in the open()/creat() system calls + which, under certain conditions, can be exploited by local users + to obtain the privileges of a group for which they are not a + member. CVE-2008-4302 - A coding error in the splice subsystem allows local users to attempt to - unlock a page structure that has not been locked, resulting in a system - crash. + A coding error in the splice subsystem allows local users to + attempt to unlock a page structure that has not been locked, + resulting in a system crash. For the stable distribution (etch), this problem has been fixed in version 2.6.18.dfsg.1-22etch3. |