Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 439
Alerts This Week
Warning Icon 1 439

Debian DSA-1929-1 Critical: DoS, Memory Leak, Privilege Escalation

debian
Calendar Grey November 6, 2009
Debian Logo
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation

Summary

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2009-1883

Solar Designer discovered a missing capability check in the
z90crypt driver or s390 systems. This vulnerability may allow
a local user to gain elevated privileges.

CVE-2009-2909

Arjan van de Ven discovered an issue in the AX.25 protocol
implementation. A specially crafted call to setsockopt() can
result in a denial of service (kernel oops).

CVE-2009-3001

Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE
802.2 LLC implementation. This is not exploitable in the Debian
lenny kernel as root privileges are required to exploit this
issue.

CVE-2009-3002

Eric Dumazet fixed several sensitive memory leaks in the IrDA,
X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area
Network (CAN) implemen...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: linux-2.6

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.