Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service or privilege escalation. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2011-4086
Eric Sandeen reported an issue in the journaling layer for EXT4 filesystems
(jbd2). Local users can cause buffers to be accessed after they have been
torn down, resulting in a denial of service (DoS) due to a system crash.

CVE-2012-0879
Louis Rilling reported two reference counting issues in the CLONE_IO
feature of the kernel. Local users can prevent io context structures
from being freed, resulting in a denial of service.

CVE-2012-1601
Michael Ellerman reported an issue in the KVM subsystem. Local users could
cause a denial of service (NULL pointer dereference) by creating VCPUs
before a call to KVM_CREATE_IRQCHIP.

CVE-2012-2123
Steve Grubb reported an issue in fcaps, a filesystem-based capabilities
system. Personality flags set us...