Debian 4.0: DSA-1794-1 Critical: Kernel Issues Leading To Exploits
debian
May 6, 2009
Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service, privilege escalation, or information leak
Summary
Several vulnerabilities have been discovered in the Linux kernel that
may lead to denial of service, privilege escalation, or information
leak. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2008-4307
Bryn M. Reeves reported a denial of service in the NFS filesystem.
Local users can trigger a kernel BUG() due to a race condition in
the do_setlk function.
CVE-2008-5395
Helge Deller discovered a denial of service condition that allows
local users on PA-RISC to crash the system by attempting to unwind
a stack containing userspace addresses.
CVE-2008-5701
Vlad Malov reported an issue on 64-bit MIPS where a local user
could cause a system crash by crafting a malicious binary which
makes o32 syscalls with a number less than 4000.
CVE-2008-5702
Zvonimir Rakamaric reported an off-by-one error in the ib700wdt
watchdog driver which allows local users to cause a buffer
underflow by making a specially crafted WDIOC_SETTIMEOUT...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux-2.6
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!