Debian 5.0: DSA-2110-1 Critical: Buffer Overflow And Privilege Escalation
debian
September 17, 2010
CVE-2010-2492 Andre Osterhues reported an issue in the eCryptfs subsystem
Summary
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information leak.
The Common Vulnerabilities and Exposures project identifies the following
problems:
CVE-2010-2492
Andre Osterhues reported an issue in the eCryptfs subsystem. A buffer
overflow condition may allow local users to cause a denial of service
or gain elevated privileges.
CVE-2010-2954
Tavis Ormandy reported an issue in the irda subsystem which may allow
local users to cause a denial of service via a NULL pointer dereference.
CVE-2010-3078
Dan Rosenberg discovered an issue in the XFS file system that allows
local users to read potentially sensitive kernel memory.
CVE-2010-3080
Tavis Ormandy reported an issue in the ALSA sequencer OSS emulation
layer. Local users with sufficient privileges to open /dev/sequencer
(by default on Debian, this is members of the 'audio' group) can
cause a denial of service...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux-2.6
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!