From b249e20c89e173fff61e474dd649059d739c7180 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 21 Oct 2009 13:41:58 +0000 Subject: fixed unintentional typo, justified text git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1536 e094ebfe-e918-0410-adfb-c712417f3574 --- dsa-texts/2.6.26-19lenny1 | 54 ++++++++++++++++++++++++----------------------- 1 file changed, 28 insertions(+), 26 deletions(-) (limited to 'dsa-texts/2.6.26-19lenny1') diff --git a/dsa-texts/2.6.26-19lenny1 b/dsa-texts/2.6.26-19lenny1 index cf8b5eff..20278606 100644 --- a/dsa-texts/2.6.26-19lenny1 +++ b/dsa-texts/2.6.26-19lenny1 @@ -23,25 +23,26 @@ CVE-2009-2695 provided by the mmap_min_addr tunable against NULL pointer dereference vulnerabilities. - Unless your system needs to run applications that require mapping low - addresses (such as wine or dosemu), it is recommended to increase - the value of mmap_min_addr to protect against NULL pointer exploits. - This can be configured using the procps package: + Unless your system needs to run applications that require mapping + low addresses (such as wine or dosemu), it is recommended to + increase the value of mmap_min_addr to protect against NULL + pointer exploits. This can be configured using the procps + package: # echo "vm.mmap_min_addr = 32768" > /etc/sysctl.d/mmap_min_addr.conf # /etc/init.d/procps restart CVE-2009-2903 - Mark Smith discovered a memory leak in the appletalk implementation. - When the appletalk and ipddp modules are loaded, but no ipddp"N" device is - found, remote attackers can cause a denial of service by consuming - large amounts of system memory. + Mark Smith discovered a memory leak in the appletalk + implementation. When the appletalk and ipddp modules are loaded, + but no ipddp"N" device is found, remote attackers can cause a + denial of service by consuming large amounts of system memory. CVE-2009-2908 - Loïc Minier discovered an issue in the eCryptfs filesystem. A local - user can cause a denial of service (kernel oops) by causing a dentry - value to go negative. + Loïc Minier discovered an issue in the eCryptfs filesystem. A + local user can cause a denial of service (kernel oops) by causing + a dentry value to go negative. CVE-2009-2909 @@ -57,36 +58,37 @@ CVE-2009-2910 CVE-2009-3001 - Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE 802.2 LLC - implementation. This is not exploitable in the Debian lenny kernel as root - privileges are required to exploit this issue. + Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE + 802.2 LLC implementation. This is not exploitable in the Debian + lenny kernel as root privileges are required to exploit this + issue. CVE-2009-3002 Eric Dumazet fixed several sensitive memory leaks in the IrDA, X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area - Network (CAN) implementations. Local users can exploit these issues - to gain access to kernel memory. + Network (CAN) implementations. Local users can exploit these + issues to gain access to kernel memory. CVE-2009-3286 - Eric Paris discovered an issue with the NFSv4 server implementation. - When an O_EXCL create fails, files may be left with corrupted - permissions, possibly granting unintenional privileges to other - local users. + Eric Paris discovered an issue with the NFSv4 server + implementation. When an O_EXCL create fails, files may be left + with corrupted permissions, possibly granting unintentional + privileges to other local users. CVE-2009-3290 Jan Kiszka noticed that the kvm_emulate_hypercall function in KVM - does not prevent access to MMU hypercalls from ring 0, which allows - local guest OS users to cause a denial of service (guest kernel crash) - and read or write guest kernel memory. + does not prevent access to MMU hypercalls from ring 0, which + allows local guest OS users to cause a denial of service (guest + kernel crash) and read or write guest kernel memory. CVE-2009-3613 - Alistair Strachan reported an issue in the r8169 driver. Remote users - can cause a denial of service (IOMMU space exhaustion and system crash) - by transmitting a large amount of jumbo frames. + Alistair Strachan reported an issue in the r8169 driver. Remote + users can cause a denial of service (IOMMU space exhaustion and + system crash) by transmitting a large amount of jumbo frames. For the stable distribution (lenny), this problem has been fixed in version 2.6.26-19lenny1. -- cgit v1.2.3