author | dann frazier <dannf@debian.org> | 2009-05-01 05:33:39 +0000 |
---|---|---|
committer | dann frazier <dannf@debian.org> | 2009-05-01 05:33:39 +0000 |
commit | 4ea90f10ba5b16799b2a5802ee129e28fd6d42f7 (patch) | |
tree | 2432b0be166ee3f80b6fa3f4d37588f6603c9021 /dsa-texts/2.6.24-6~etchnhalf.8etch1 | |
parent | b0a440792d53cae23d3cac730239a851e00b6f0c (diff) |
more CVE texts
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1349 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/2.6.24-6~etchnhalf.8etch1')
-rw-r--r-- | dsa-texts/2.6.24-6~etchnhalf.8etch1 | 75 |
1 files changed, 74 insertions, 1 deletions
diff --git a/dsa-texts/2.6.24-6~etchnhalf.8etch1 b/dsa-texts/2.6.24-6~etchnhalf.8etch1 index 02cb9f6a..fd845bc4 100644 --- a/dsa-texts/2.6.24-6~etchnhalf.8etch1 +++ b/dsa-texts/2.6.24-6~etchnhalf.8etch1 @@ -21,6 +21,11 @@ Vulnerabilities and Exposures project identifies the following problems: CVE-2008-4307 + + Bryn M. Reeves reported a denial of service in the NFS filesystem. + Local users can trigger a kernel BUG() due to a race condition + in the do_setlk function. + CVE-2008-5079 Hugo Dias reported a DoS condition in the ATM subsystem that can @@ -28,10 +33,34 @@ CVE-2008-5079 twice on the same socket and reading /proc/net/atm/*vc. CVE-2008-5395 + + Helge Deller discovered a denial of service condition that allows + local users on PA-RISC systems to crash a system by attempting + to unwind a stack contiaining userspace addresses. + CVE-2008-5700 + + Alan Cox discovered a lack of minimum timeouts on SG_IO requests, + which allows local users of systems using ATA to cause a denial + of service by forcing drives into PIO mode. + CVE-2008-5701 + + Vlad Malov reported an issue on 64-bit MIPS systems where a local user + could cause a system crash by crafing a malicious binary which makes + o32 syscalls with a number less than 4000. + CVE-2008-5702 + + Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog + driver which allows local users to cause a buffer underflow by making + a specially crafted WDIOC_SETTIMEOUT ioctl call. + CVE-2009-0028 + + Chris Evans discovered a situation in which a child process can send + an arbitrary signal to its parent. + CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, @@ -69,7 +98,7 @@ CVE-2009-0675 CVE-2009-0676 - Clément LECIGNE discovered a bug in the sock_getsockopt function + Clement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory. CVE-2009-0745 
@@ -79,15 +108,59 @@ CVE-2009-0745 during a resize operation. CVE-2009-0834 + + Roland McGrath discovered an issue on amd64 kernels that allows local + users to circumvent system call audit configurations which filter + based on the syscall numbers or argument details. + CVE-2009-0859 + + Jiri Olsa discovered that a local user can cause a denial of service + (system hang) using a SHM_INFO shmctl call on kernels compiled with + CONFIG_SHMEM disabled. This issue does not affect prebuilt Debian + kernels. + CVE-2009-1046 + + Mikulas Patocka reported an issue in the console subsystem that allows + a local user to cause memory corruption by selecting a small number of + 3-byte UTF-8 characters. + CVE-2009-1192 + + Shaohua Li reported an issue in the AGP subsystem they may allow local + users to read sensitive kernel memory due to a leak of uninitialized + memory. + CVE-2009-1242 + + Benjamin Gilbert reported a local denial of service vulnerability in the + KVM VMX implementation that allows local users to trigger an oops. + CVE-2009-1265 + + Thomas Pollet reported an overflow in the af_rose implementation that + allows remote attackers to retrieve uninitialized kernel memory that + may contain sensitive data. + CVE-2009-1337 + + Oleg Nesterov discovered an issue in the exit_notify function that allows + local users to send an arbitrary signal to a process by running a program + that modifies the exit_signal field and then uses an exec system call to + launch a setuid application. + CVE-2009-1338 + + Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach + processes outside of the current process namespace. + CVE-2009-1439 + Pavan Naregundi reported an issue in the CIFS filesystem code that + allows remote users to overwrite memory via a long nativeFileSystem + field in a Tree Connect response during mount. + For the stable distribution (etch), these problems have been fixed in version 2.6.24-6~etchnhalf.8etch1. |
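Review bot: Two spelling errors in the advisory text added by the @@ -28,10 +33,34 @@ hunk: "contiaining" in the CVE-2008-5395 entry should be "containing", and "crafing" in the CVE-2008-5701 entry should be "crafting". In the same hunk, the CVE-2009-0028 entry says only that a child process can send an arbitrary signal to its parent; the neighbouring entries name who can trigger the issue and what the effect is, so the same detail would help here.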
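Review bot: Dropping the accent from the reporter credit in the CVE-2009-0676 entry (@@ -69,7 +98,7 @@ hunk, "Clément LECIGNE" becomes "Clement LECIGNE") is not covered by the commit message "more CVE texts". If the advisory text has to be plain ASCII, say so in the commit message; otherwise keep the name as the reporter spells it.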
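Review bot: Grammar slip in the CVE-2009-1192 entry of the @@ -79,15 +108,59 @@ hunk: "an issue in the AGP subsystem they may allow local users" should read "that may allow local users". The same hunk uses "remote attackers" in the CVE-2009-1265 entry and "remote users" in the CVE-2009-1439 entry; pick one term so readers do not infer a difference in who can trigger each issue.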