Debian 6.0 DSA-2668-1 Critical: Linux Kernel DoS and Privilege Escalation
debian
May 14, 2013
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation
Topics Covered
Summary
Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service, information leak or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2012-2121
Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU
mapping of memory slots used in KVM device assignment. Local users with
the ability to assign devices could cause a denial of service due to a
memory page leak.
CVE-2012-3552
Hafid Lin reported an issue in the IP networking subsystem. A remote user
can cause a denial of service (system crash) on servers running
applications that set options on sockets which are actively being
processed.
CVE-2012-4461
Jon Howell reported a denial of service issue in the KVM subsystem.
On systems that do not support the XSAVE feature, local users with
access to the /dev/kvm interface can cause a system crash.
CVE-2012-4508
Dmitry Monakhov and Theodore Ts'o report...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux-2.6
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!