[kernel-sec-discuss] r1278 - dsa-texts
dannf at alioth.debian.org
dannf at alioth.debian.org
Sun Dec 14 23:47:46 UTC 2008
Author: dannf
Date: 2008-12-14 23:47:46 +0000 (Sun, 14 Dec 2008)
New Revision: 1278
Modified:
dsa-texts/2.6.18.dfsg.1-23etch1
Log:
add CVE references
Modified: dsa-texts/2.6.18.dfsg.1-23etch1
===================================================================
--- dsa-texts/2.6.18.dfsg.1-23etch1 2008-12-11 21:17:12 UTC (rev 1277)
+++ dsa-texts/2.6.18.dfsg.1-23etch1 2008-12-14 23:47:46 UTC (rev 1278)
@@ -1,28 +1,96 @@
----------------------------------------------------------------------
Debian Security Advisory DSA-XXXX-1 security at debian.org
http://www.debian.org/security/ dann frazier
-Dec 13, 2008 http://www.debian.org/security/faq
+Dec 14, 2008 http://www.debian.org/security/faq
----------------------------------------------------------------------
Package : linux-2.6
Vulnerability : denial of service/privilege escalation
Problem type : local/remote
Debian-specific: no
-CVE Id(s) : CVE-XXXX-XXXX
+CVE Id(s) : CVE-2008-3527 CVE-2008-3528 CVE-2008-4554 CVE-2008-4576
+ CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029
+ CVE-2008-5079 CVE_2008-5182 CVE-2008-5300
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems:
-CVE-XXXX-XXXX
+CVE-2008-3527
- XXXX
+ Tavis Ormandy reported a local DoS and potential privilege escalation
+ in the Virtual Dynamic Shared Objects (vDSO) implementation.
-CVE-XXXX-XXX
+CVE-2008-3528
- XXXX
+ Eugene Teo reported a local DoS issue in the ext2 and ext3
+ filesystems. Local users who have been granted the privileges
+ necessary to mount a filesystem would be able to craft a corrupted
+ filesystem that causes the kernel to output error messages in an
+ infinite loop.
+CVE-2008-4554
+
+ Milos Szeredi reported that the usage of splice() on files opened
+ with O_APPEND allows users to write to the file at arbitrary
+ offsets, enabling a bypass of possible assumed semantics of the
+ O_APPEND flag.
+
+CVE-2008-4576
+
+ Vlad Yasevich reported an issue in the SCTP subsystem that may
+ allow remote users to cause a local DoS by triggering a kernel
+ oops.
+
+CVE-2008-4933
+
+ Eric Sesterhenn reported a local DoS issue in the hfsplus
+ filesystem. Local users who have been granted the privileges
+ necessary to mount a filesystem would be able to craft a corrupted
+ filesystem that causes the kernel to overrun a buffer, resulting
+ in a system oops or memory corruption.
+
+CVE-2008-4934
+
+ Eric Sesterhenn reported a local DoS issue in the hfsplus
+ filesystem. Local users who have been granted the privileges
+ necessary to mount a filesystem would be able to craft a corrupted
+ filesystem that results in a kernel oops due to an unchecked
+ return value.
+
+CVE-2008-5025
+
+ Eric Sesterhenn reported a local DoS issue in the hfs filesystem.
+ Local users who have been granted the privileges necessary to
+ mount a filesystem would be able to craft a filesystem with a
+ corrupted catalog name length, resulting in a system oops or
+ memory corruption.
+
+CVE-2008-5029
+
+ Andrea Bittau reported a DoS issue in the unix socket subsystem
+ that allows a local user to cause memory corruption, resulting in
+ a kernel panic.
+
+CVE-2008-5079
+
+ Hugo Dias reported a DoS condition in the ATM subsystem
+ that can be triggered by a local user by calling the svc_listen
+ function twice on the same socket and reading /proc/net/atm/*vc.
+
+CVE_2008-5182
+
+ Al Viro reported race conditions in the inotify subsystem that may
+ allow local users to acquire elevated privileges.
+
+CVE-2008-5300
+
+ Dann Frazier reported a DoS condition that allows local users to
+ cause the out of memory handler to kill off privileged processes
+ or trigger soft lockups due to a starvation issue in the unix
+ socket subsystem.
+
For the stable distribution (etch), this problem has been fixed in
version 2.6.18.dfsg.1-23etch1.
More information about the kernel-sec-discuss
mailing list