Cyrill Gorcunov reported a NULL pointer dereference in code specific
to the CHRP PowerPC platforms. Local users could exploit this issue
to achieve a Denial of Service (DoS).
CVE-2008-0007
Nick Piggin of SuSE discovered a number of issues in subsystems which
register a fault handler for memory mapped areas. This issue can be
exploited by local users to achieve a Denial of Service (DoS) and possibly
execute arbitrary code.
CVE-2008-1294
David Peer discovered that users could escape administrator imposed cpu
time limitations (RLIMIT_CPU) by setting a limit of 0.
CVE-2008-1375
Alexander Viro discovered a race condition in the directory notification
subsystem that allows local users to cause a Denial of Service (oops)
and possibly result in an escalation of priveleges.
For the stable distribution (etch), this problem has been fixed in version
2.6.18.dfsg.1-18etch3.
The unstable (sid) and testing distributions will be fixed soon.
...
Get the latest Linux and open source security news straight to your inbox.