Debian 6.0 DSA-2928-1 Critical: Kernel DoS, Info Leak, Privilege Escalation
debian
May 14, 2014
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation
Summary
Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service, information leak or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2014-0196
Jiri Slaby discovered a race condition in the pty layer, which could lead
to a denial of service or privilege escalation.
CVE-2014-1737 CVE-2014-1738
Matthew Daley discovered an information leak and missing input
sanitising in the FDRAWCMD ioctl of the floppy driver. This could result
in a privilege escalation.
For the oldstable distribution (squeeze), this problem has been fixed in
version 2.6.32-48squeeze6.
The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:
Debian 6.0 (squeeze)
user-mode-linux 2.6.32-1um-4+48squeeze6
We recommend that you upgrade your linux-2.6 and user-mode-linux packa...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux-2.6
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!