Debian 2.6.18 DSA-1872-1 Critical: UDP Denial of Service Risk Alert
debian
August 24, 2009
CVE-2009-2698 Herbert Xu discovered an issue in the way UDP tracks corking status that could allow local users to cause a denial of service
Topics Covered
Summary
Several vulnerabilities have been discovered in the Linux kernel that
may lead to denial of service, privilege escalation or a leak of
sensitive memory. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2009-2698
Herbert Xu discovered an issue in the way UDP tracks corking
status that could allow local users to cause a denial of service
(system crash). Tavis Ormandy and Julien Tinnes discovered that
this issue could also be used by local users to gain elevated
privileges.
CVE-2009-2846
Michael Buesch noticed a typing issue in the eisa-eeprom driver
for the hppa architecture. Local users could exploit this issue to
gain access to restricted memory.
CVE-2009-2847
Ulrich Drepper noticed an issue in the do_sigalstack routine on
64-bit systems. This issue allows local users to gain access to
potentially sensitive memory on the kernel stack.
CVE-2009-2848
Eric Dumazet discovered an issue in the execve path...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux-2.6
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!