Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 616
Alerts This Week
Warning Icon 1 616

Debian: DSA-1655-1 Critical: Linux Kernel Denial of Service

debian
Calendar Grey October 16, 2008
Debian Logo
- ----------------------------------------------------------------------Debian Security Advisory DSA
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a leak of sensitive data

Summary


Jan Kratochvil reported a local denial of service vulnerability in
the ptrace interface for the s390 architecture. Local users can
trigger an invalid pointer dereference, leading to a system panic.

CVE-2008-3525

Eugene Teo reported a lack of capability checks in the kernel
driver for Granch SBNI12 leased line adapters (sbni), allowing
local users to perform privileged operations.

CVE-2008-3831

Olaf Kirch discovered an issue with the i915 driver that may allow
local users to cause memory corruption by use of an ioctl with
insufficient privilege restrictions.

CVE-2008-4113/CVE-2008-4445

Eugene Teo discovered two issues in the SCTP subsystem which allow
local users to obtain access to sensitive memory when the
SCTP-AUTH extension is enabled.

For the stable distribution (etch), these problems have been fixed in
version 2.6.24-6~etchnhalf.6.

We recommend that you upgrade your linux-2.6.24 packages.

Upgrade instructions
- ---------...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.