The linux-2.6 and user-mode-linux upgrades from DSA-2303-1 have caused a
regression that can result in an oops during invalid accesses to
/proc/
The text of the original advisory is reproduced for reference:
Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service or privilege escalation. The Common Vulnerabilities and
Exposures project identifies the following problems:
CVE-2011-1020
Kees Cook discovered an issue in the /proc filesystem that allows local
users to gain access to sensitive process information after execution of a
setuid binary.
CVE-2011-1576
Ryan Sweat discovered an issue in the VLAN implementation. Local users may
be able to cause a kernel memory leak, resulting in a denial of service.
CVE-2011-2484
Vasiliy Kulikov of Openwall discovered that the number of exit handlers that
a process can register is not capped, resulting in local denial of service
through resource exhaustion (CPU time and mem...