Debian 3.1 DSA 1184-1 Critical: Kernel Denial Of Service Risks
debian
September 25, 2006
Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code
Topics Covered
Summary
Toshihiro Iwamoto discovered a memory leak in the handling of
direct I/O writes that allows local users to cause a denial of
service.
CVE-2005-4798
A buffer overflow in NFS readlink handling allows a malicious
remote server to cause a denial of service.
CVE-2006-1052
Stephen Smalley discovered a bug in the SELinux ptrace handling
that allows local users with ptrace permissions to change the
tracer SID to the SID of another process.
CVE-2006-1343
Pavel Kankovsky discovered an information leak in the getsockopt
system call which can be exploited by a local program to leak
potentially sensitive memory to userspace.
CVE-2006-1528
Douglas Gilbert reported a bug in the sg driver that allows local
users to cause a denial of service by performing direct I/O
transfers from the sg driver to memory mapped I/O space.
CVE-2006-1855
Mattia Belletti noticed that certain debugging code left in the
process management code cou...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!