diff options
author | Micah Anderson <micah@debian.org> | 2010-02-27 16:37:23 +0000 |
---|---|---|
committer | Micah Anderson <micah@debian.org> | 2010-02-27 16:37:23 +0000 |
commit | 433b4967d0962407325b1a7d72d640b2cfd3dbb9 (patch) | |
tree | 8b982738bccfccc60ed5e073cd4bac3b1776aefd /dsa-texts/2.6.24-6~etchnhalf.9etch3 | |
parent | a41e0f5b9e6296d47c83e408d5d91f23abeba140 (diff) |
maybe -> may be; Ethernet caps; and a justificaiton
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1751 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/2.6.24-6~etchnhalf.9etch3')
-rw-r--r-- | dsa-texts/2.6.24-6~etchnhalf.9etch3 | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/dsa-texts/2.6.24-6~etchnhalf.9etch3 b/dsa-texts/2.6.24-6~etchnhalf.9etch3 index 907425c7..43bb96fd 100644 --- a/dsa-texts/2.6.24-6~etchnhalf.9etch3 +++ b/dsa-texts/2.6.24-6~etchnhalf.9etch3 @@ -15,10 +15,9 @@ CVE Id(s) : CVE-2009-2691 CVE-2009-2695 CVE-2009-3080 CVE-2009-3726 CVE-2010-0415 CVE-2010-0622 NOTE: This kernel update marks the final planned kernel security -update for the 2.6.24 kernel in the Debian release 'etch'. -Although security support for 'etch' officially ended on -Feburary 15th, 2010, this update was already in preparation -before that date. +update for the 2.6.24 kernel in the Debian release 'etch'. Although +security support for 'etch' officially ended on Feburary 15th, 2010, +this update was already in preparation before that date. Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege @@ -28,7 +27,7 @@ identifies the following problems: CVE-2009-2691 Steve Beattie and Kees Cook reported an information leak in the - maps and smaps files available under /proc. Local users maybe + maps and smaps files available under /proc. Local users may be able to read this data for setuid processes while the ELF binary is being loaded. @@ -86,15 +85,15 @@ CVE-2009-4138 CVE-2009-4308 Ted Ts'o discovered an issue in the ext4 filesystem that allows - local users to cause a denial of service (NULL pointer dereference). - For this to be exploitable, the local user must have sufficient - privileges to mount a filesystem. + local users to cause a denial of service (NULL pointer + dereference). For this to be exploitable, the local user must + have sufficient privileges to mount a filesystem. CVE-2009-4536 & CVE-2009-4538 Fabian Yamaguchi reported issues in the e1000 and e1000e drivers for Intel gigabit network adapters which allow remote users to - bypass packet filters using specially crafted ethernet frames. + bypass packet filters using specially crafted Ethernet frames. CVE-2010-0003 |