Debian 3.1 DSA 1018-2 Moderate: Kernel Execution and DoS Threats
debian
April 5, 2006
Updated package.
Summary
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2004-0887
Martin Schwidefsky discovered that the privileged instruction SACF (Set
Address Space Control Fast) on the S/390 platform is not handled properly,
allowing for a local user to gain root privileges.
CVE-2004-1058
A race condition allows for a local user to read the environment variables
of another process that is still spawning through /proc/.../cmdline.
CVE-2004-2607
A numeric casting discrepancy in sdla_xfer allows local users to read
portions of kernel memory via a large len argument which is received as an
int but cast to a short, preventing read loop from filling a buffer.
CVE-2005-0449
An error in the skb_checksum_help() function from the netfilter framework
has been discovere...
PREVIOUS
NEXT
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!