
Debian 5.0: DSA-2095-1 Critical Denial of Service and Escalation Issues

August 20, 2010
Uncover significant changes in Debian DSA-2094-1 which tackle critical kernel vulnerabilities involving privilege escalation and service interruption.

Summary


Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2009-4895

Kyle Bader reported an issue in the tty subsystem that allows local
users to create a denial of service (NULL pointer dereference).

CVE-2010-2226

Dan Rosenberg reported an issue in the xfs filesystem that allows local
users to copy and read a file owned by another user, for which they
only have write permissions, due to a lack of permission checking in the
XFS_SWAPEXT ioctl.

CVE-2010-2240

Rafal Wojtczuk reported an issue that allows users to obtain escalated
privileges. Users must already have sufficient privileges to execute or
connect clients to an Xorg server.

CVE-2010-2248

Suresh Jayaraman discovered an issue in the CIFS filesystem. A malicious
file server can set an incorrect "CountHigh" value, resulting in a
d...


Severity: critical

Package: linux-2.6
