Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Debian 5.0: DSA-2153-1 Critical: Linux Kernel Privilege Escalation

debian
Calendar Grey January 30, 2011
Debian Logo
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - --------------------------------------------------
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak

Summary

Several vulnerabilities have been discovered in the Linux kernel that may lead
to a privilege escalation, denial of service or information leak. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2010-0435

Gleb Napatov reported an issue in the KVM subsystem that allows virtual
machines to cause a denial of service of the host machine by executing mov
to/from DR instructions.

CVE-2010-3699

Keir Fraser provided a fix for an issue in the Xen subsystem. A guest can
cause a denial of service on the host by retaining a leaked reference to a
device. This can result in a zombie domain, xenwatch process hangs, and xm
command failures.

CVE-2010-4158

Dan Rosenberg discovered an issue in the socket filters subsystem, allowing
local unprivileged users to obtain the contents of sensitive kernel memory.

CVE-2010-4162

Dan Rosenberg discovered an overflow issue in the block I/O subsystem that
allows local users to map large numbers of ...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: linux-2.6

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.