Several vulnerabilities have been discovered in the Linux kernel that may lead
to a privilege escalation, denial of service or information leak. The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2010-0435
Gleb Natapov reported an issue in the KVM subsystem that allows virtual
machines to cause a denial of service of the host machine by executing mov
to/from DR instructions.
CVE-2010-3699
Keir Fraser provided a fix for an issue in the Xen subsystem. A guest can
cause a denial of service on the host by retaining a leaked reference to a
device. This can result in a zombie domain, xenwatch process hangs, and xm
command failures.
CVE-2010-4158
Dan Rosenberg discovered an issue in the socket filters subsystem, allowing
local unprivileged users to obtain the contents of sensitive kernel memory.
CVE-2010-4162
Dan Rosenberg discovered an overflow issue in the block I/O subsystem that
allows local users to map large numbers of ...