From b75df1c8d2f068945cc7c5ffc174cddbd7d6c828 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 26 Jan 2011 02:58:08 +0000 Subject: anal retentive paragraph justification git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2171 e094ebfe-e918-0410-adfb-c712417f3574 --- dsa-texts/2.6.26-26lenny2 | 77 +++++++++++++++++++++++------------------------ 1 file changed, 37 insertions(+), 40 deletions(-) (limited to 'dsa-texts/2.6.26-26lenny2') diff --git a/dsa-texts/2.6.26-26lenny2 b/dsa-texts/2.6.26-26lenny2 index f98b410bc..abba2c048 100644 --- a/dsa-texts/2.6.26-26lenny2 +++ b/dsa-texts/2.6.26-26lenny2 @@ -22,8 +22,8 @@ Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0435 Gleb Napatov reported an issue in the KVM subsystem that allows virtual - machines to cause a denial of service of the host machine by executing - mov to/from DR instructions. + machines to cause a denial of service of the host machine by executing mov + to/from DR instructions. CVE-2010-3699 @@ -40,14 +40,14 @@ CVE-2010-4158 CVE-2010-4162 Dan Rosenberg discovered an overflow issue in the block I/O subsystem that - allows local users to map large numbers of pages, resulting in a denial - of service due to invocation of the out of memory killer. + allows local users to map large numbers of pages, resulting in a denial of + service due to invocation of the out of memory killer. CVE-2010-4163 Dan Rosenberg discovered an issue in the block I/O subsystem. Due to - improper validation of iov segments, local users can trigger a kernel - panic resulting in a denial of service. + improper validation of iov segments, local users can trigger a kernel panic + resulting in a denial of service. CVE-2010-4242 
@@ -60,8 +60,7 @@ CVE-2010-4243 Brad Spengler reported a denial-of-service issue in the kernel memory accounting system. By passing large argv/envp values to exec, local users - can cause the out of memory killer to kill processes owned by other - users. + can cause the out of memory killer to kill processes owned by other users. CVE-2010-4248 
@@ -72,74 +71,72 @@ CVE-2010-4248 CVE-2010-4249 Vegard Nossum reported an issue with the UNIX socket garbage collector. - Local users can consume all of LOWMEM and decrease system performance - by overloading the system with inflight sockets. + Local users can consume all of LOWMEM and decrease system performance by + overloading the system with inflight sockets. CVE-2010-4258 - Nelson Elhage reported an issue in Linux oops handling. Local users may - be able to obtain elevated privileges if they are able to trigger an - oops with a process' fs set to KERNEL_DS. + Nelson Elhage reported an issue in Linux oops handling. Local users may be + able to obtain elevated privileges if they are able to trigger an oops with + a process' fs set to KERNEL_DS. CVE-2010-4342 - Nelson Elhage reported an issue in the econet protocol. Remote attackers - can cause a denial of service by sending an Acorn Universal Networking - packet over UDP. + Nelson Elhage reported an issue in the econet protocol. Remote attackers can + cause a denial of service by sending an Acorn Universal Networking packet + over UDP. CVE-2010-4346 Tavis Ormandy discovered an issue in the install_special_mapping routine which allows local users to bypass the mmap_min_addr security restriction. Combined with an otherwise low severity local denial of service - vulnerability (NULL pointer dereference), a local user could obtain - elevated privileges. + vulnerability (NULL pointer dereference), a local user could obtain elevated + privileges. CVE-2010-4526 Eugene Teo reported a race condition in the Linux SCTP implementation. - Remote users can cause a denial of service (kernel memory corruption) - by transmitting an ICMP unreachable message to a locked socket. + Remote users can cause a denial of service (kernel memory corruption) by + transmitting an ICMP unreachable message to a locked socket. CVE-2010-4527 - Dan Rosenberg reported two issues in the OSS soundcard driver. 
Local - users with access to the device (members of group 'audio' on default - Debian installations) may contain access to sensitive kernel memory - or cause a buffer overflow, potentially leading to an escalation of - privileges. + Dan Rosenberg reported two issues in the OSS soundcard driver. Local users + with access to the device (members of group 'audio' on default Debian + installations) may contain access to sensitive kernel memory or cause a + buffer overflow, potentially leading to an escalation of privileges. CVE-2010-4529 Dan Rosenberg reported an issue in the Linux kernel IrDA socket - implementation on non-x86 architectures. Local users may be able - to gain access to sensitive kernel memory via a specially crafted - IRLMP_ENUMDEVICES getsockopt call. + implementation on non-x86 architectures. Local users may be able to gain + access to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES + getsockopt call. CVE-2010-4565 Dan Rosenberg reported an issue in the Linux CAN protocol implementation. - Local users can obtain the address of a kernel heap object which might - help facilitate system exploitation. + Local users can obtain the address of a kernel heap object which might help + facilitate system exploitation. CVE-2010-4649 - Dan Carpenter reported an issue in the uverb handling of the - InfiniBand subsystem. A potential buffer overflow may allow local - users to cause a denial of service (memory corruption) by passing - in a large cmd.ne value. + Dan Carpenter reported an issue in the uverb handling of the InfiniBand + subsystem. A potential buffer overflow may allow local users to cause a + denial of service (memory corruption) by passing in a large cmd.ne value. CVE-2010-4668 - Dan Rosenberg reported an issue in the block subsystem. A local user - can cause a denial of service (kernel panic) by submitting certain - 0-length I/O requests. + Dan Rosenberg reported an issue in the block subsystem. 
A local user can + cause a denial of service (kernel panic) by submitting certain 0-length I/O + requests. CVE-2011-0521 - Dan Carpenter reported an issue in the DVB driver for AV7110 cards. - Local users can pass a negative info->num value, corrupting kernel - memory and causing a denial of service. + Dan Carpenter reported an issue in the DVB driver for AV7110 cards. Local + users can pass a negative info->num value, corrupting kernel memory and + causing a denial of service. For the stable distribution (lenny), this problem has been fixed in version 2.6.26-26lenny2. -- cgit v1.2.3
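Review bot: In the CVE-2010-4527 entry of the last hunk, the rewrapped text still reads "may contain access to sensitive kernel memory", which looks like a typo for "may obtain access". Fix the verb, ideally in a separate commit so this one stays a pure rewrap. In the same hunk, the closing context line "this problem has been fixed in version 2.6.26-26lenny2" is singular although the text above it lists many CVE entries; "these problems have been fixed" would match.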