Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Debian DSA-1479 Security Advisory: Resolved DoS Kernel Vulnerabilities

debian
Calendar Grey January 29, 2008
Debian Logo
- ------------------------------------------------------------------------Debian Security Advisory D
Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code

Summary


Bart Oldeman reported a denial of service (DoS) issue in the VFAT
filesystem that allows local users to corrupt a kernel structure resulting
in a system crash. This is only an issue for systems which make use
of the VFAT compat ioctl interface, such as systems running an 'amd64'
flavor kernel.

CVE-2007-4571

Takashi Iwai supplied a fix for a memory leak in the snd_page_alloc module.
Local users could exploit this issue to obtain sensitive information from
the kernel.

CVE-2007-6151

ADLAB discovered a possible memory overrun in the ISDN subsystem that
may permit a local user to overwrite kernel memory leading by issuing
ioctls with unterminated data.

CVE-2008-0001

Bill Roman of Datalight noticed a coding error in the linux VFS subsystem
that, under certain conditions, can allow local users to remove
directories for which they should not have removal privileges.

These problems have been fixed in the stable distribution in v...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here