Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Debian 4.0 DSA-1565-1 Critical: Linux Kernel Denial Of Service Rectified

debian
Calendar Grey May 1, 2008
Debian Logo
- ----------------------------------------------------------------------Debian Security Advisory DSA
Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code

Summary


Cyrill Gorcunov reported a NULL pointer dereference in code specific
to the CHRP PowerPC platforms. Local users could exploit this issue
to achieve a Denial of Service (DoS).

CVE-2008-0007

Nick Piggin of SuSE discovered a number of issues in subsystems which
register a fault handler for memory mapped areas. This issue can be
exploited by local users to achieve a Denial of Service (DoS) and possibly
execute arbitrary code.

CVE-2008-1294

David Peer discovered that users could escape administrator imposed cpu
time limitations (RLIMIT_CPU) by setting a limit of 0.

CVE-2008-1375

Alexander Viro discovered a race condition in the directory notification
subsystem that allows local users to cause a Denial of Service (oops)
and possibly result in an escalation of priveleges.

For the stable distribution (etch), this problem has been fixed in version
2.6.18.dfsg.1-18etch3.

The unstable (sid) and testing distributions will be fixed soon.

...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here