----------------------------------------------------------------------
Debian Security Advisory DSA-2240-1                security@debian.org
http://www.debian.org/security/                           dann frazier
May 24, 2011                        http://www.debian.org/security/faq
----------------------------------------------------------------------
Package : linux-2.6
Vulnerability : privilege escalation/denial of service/information leak
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2011-1020 CVE-2011-1576 CVE-2011-2484 CVE-2011-2491
            CVE-2011-2492 CVE-2011-2495 CVE-2011-2496 CVE-2011-2497
            CVE-2011-2517 CVE-2011-2525 CVE-2011-2700 CVE-2011-2723
            CVE-2011-2905 CVE-2011-2909 CVE-2011-2918 CVE-2011-2928
            CVE-2011-3188 CVE-2011-3191
Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service or privilege escalation. The Common Vulnerabilities and
Exposures project identifies the following problems:
CVE-2011-1020
foo
CVE-2011-1576
foo
CVE-2011-2484
Vasiliy Kulikov of Openwall discovered that the number of exit handlers
that a process can register is not capped, resulting in local denial of
service through resource exhaustion (CPU time and memory).
CVE-2011-2491
foo
CVE-2011-2492
foo
CVE-2011-2495
foo
CVE-2011-2496
foo
CVE-2011-2497
foo
CVE-2011-2517
It was discovered that the netlink-based wireless configuration
interface performed insufficient length validation when parsing
SSIDs, resulting in buffer overflows. Local users with the
CAP_NET_ADMIN capability can cause a denial of service.
CVE-2011-2525
foo
CVE-2011-2700
foo
CVE-2011-2723
foo
CVE-2011-2905
foo
CVE-2011-2909
foo
CVE-2011-2918
Vince Weaver discovered that incorrect handling of software event
overflows in the 'perf' analysis tool could lead to local denial
of service.
CVE-2011-2928
Timo Warns discovered that insufficient validation of Be filesystem images
could lead to local denial of service if a malformed filesystem image
is mounted.
CVE-2011-3188
foo
CVE-2011-3191
foo
This update also includes a fix for a regression introduced with the previous
security fix for CVE-2011-1768 (Debian: #633738).
For the stable distribution (squeeze), these problems have been fixed in version
2.6.32-35squeeze1. Updates for issues impacting the oldstable distribution
(lenny) will be available soon.
The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:
Debian 6.0 (squeeze)
user-mode-linux 2.6.32-1um-4+35squeeze1
We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org