NOTE: This kernel update marks the final planned kernel security
update for the 2.6.18 kernel in the Debian release 'etch'.
Although security support for 'etch' officially ended on
February 15th, 2010, this update was already in preparation
before that date. A final update that includes fixes for these
issues in the 2.6.24 kernel is also in preparation and will be
released shortly.

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems:

CVE-2009-3080
Dave Jones reported an issue in the gdth SCSI driver. A missing
check for negative offsets in an ioctl call could be exploited by
local users to create a denial of service or potentially gain
elevated privileges.

CVE-2009-3726
Trond Myklebust reported an issue where a malicious NFS server
could cause a denial of service condition on its clients by
returning incorrect attribu...
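
The bug class described for CVE-2009-3080 (a signed, caller-supplied offset checked only against an upper bound) is shown below beside the corrected check. This is an added example, not the gdth driver's code; MAX_EVENTS, event_table, read_event and the other names are hypothetical, and the table contents are constructed sample data.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_EVENTS 8                      /* hypothetical table size */

struct event { int code; char text[16]; };

static struct event event_table[MAX_EVENTS];   /* constructed sample table */

/* Fill the table with constructed sample events. */
void init_events(void)
{
    for (int i = 0; i < MAX_EVENTS; i++) {
        event_table[i].code = 100 + i;
        snprintf(event_table[i].text, sizeof(event_table[i].text), "event %d", i);
    }
}

/* Upper-bound-only check: a negative signed index is accepted. */
int index_ok_weak(int idx)
{
    return idx < MAX_EVENTS;
}

/* Both bounds checked: negative and too-large indexes are rejected. */
int index_ok_strict(int idx)
{
    return idx >= 0 && idx < MAX_EVENTS;
}

/* Hardened handler: validate the caller-supplied index before it is
 * used as an array offset; fail with -EINVAL otherwise. */
int read_event(int idx, struct event *out)
{
    if (out == NULL || !index_ok_strict(idx))
        return -EINVAL;
    memcpy(out, &event_table[idx], sizeof(*out));
    return 0;
}

int main(void)
{
    struct event e;
    init_events();
    printf("weak(-1)=%d strict(-1)=%d read(-1)=%d read(3)=%d\n",
           index_ok_weak(-1), index_ok_strict(-1), read_event(-1, &e), read_event(3, &e));
    return 0;
}
```

Declaring the index as an unsigned type at the ioctl boundary removes the negative case entirely, but the explicit two-sided check keeps the intent visible when the interface type cannot change.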