Debian: DSA-1996-1 High: Linux Kernel Privilege Escalation and DoS Risks
debian
February 13, 2010
CVE-2009-3939 Joseph Malicki reported that the dbg_lvl sysfs attribute for the megaraid_sas device driver had world-writable permissions,
Topics Covered
Summary
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2009-3939
Joseph Malicki reported that the dbg_lvl sysfs attribute for the
megaraid_sas device driver had world-writable permissions,
permitting local users to modify logging settings.
CVE-2009-4027
Lennert Buytenhek reported a race in the mac80211 subsystem that
may allow remote users to cause a denial of service (system crash)
on a system connected to the same wireless network.
CVE-2009-4536 & CVE-2009-4538
Fabian Yamaguchi reported issues in the e1000 and e1000e drivers for Intel gigabit network adapters which allow remote users to
bypass packet filters using specially crafted ethernet frames.
CVE-2010-0003
Andi Kleen reported a defect which allows local users to gain read
access to memory reachable...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux-2.6
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!