Debian: DSA-1018-1 Critical: Kernel Exploits Cause Denial Of Service
debian
March 24, 2006
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code
Summary
Martin Schwidefsky discovered that the privileged instruction SACF (Set
Address Space Control Fast) on the S/390 platform is not handled properly,
allowing for a local user to gain root privileges.
CVE-2004-1058
A race condition allows for a local user to read the environment variables
of another process that is still spawning through /proc/.../cmdline.
CVE-2004-2607
A numeric casting discrepancy in sdla_xfer allows local users to read
portions of kernel memory via a large len argument which is received as an
int but cast to a short, preventing read loop from filling a buffer.
CVE-2005-0449
An error in the skb_checksum_help() function from the netfilter framework
has been discovered that allows the bypass of packet filter rules or
a denial of service attack.
CVE-2005-1761
A vulnerability in the ptrace subsystem of the IA-64 architecture can
allow local attackers to overwrite kernel memory and crash the kernel.
CVE-2...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!