[kernel-sec-discuss] r1247 - dsa-texts
micah at alioth.debian.org
micah at alioth.debian.org
Thu Oct 16 22:13:21 UTC 2008
Author: micah
Date: 2008-10-16 22:13:21 +0000 (Thu, 16 Oct 2008)
New Revision: 1247
Modified:
dsa-texts/2.6.24-6~etchnhalf.6
Log:
minor adjustments
Modified: dsa-texts/2.6.24-6~etchnhalf.6
===================================================================
--- dsa-texts/2.6.24-6~etchnhalf.6 2008-10-16 18:05:20 UTC (rev 1246)
+++ dsa-texts/2.6.24-6~etchnhalf.6 2008-10-16 22:13:21 UTC (rev 1247)
@@ -11,9 +11,10 @@
CVE Id(s) : CVE-2008-1514 CVE-2008-3525 CVE-2008-3831 CVE-2008-4113
CVE-2008-4445
-Several vulnerabilities have been discovered in the Linux kernel that may
-lead to a denial of service or leak sensitive data. The Common Vulnerabilities
-and Exposures project identifies the following problems:
+Several vulnerabilities have been discovered in the Linux kernel that
+may lead to a denial of service, privilege escalation or a leak
+sensitive data. The Common Vulnerabilities and Exposures project
+identifies the following problems:
CVE-2008-1514
@@ -29,16 +30,15 @@
CVE-2008-3831
- Olaf Kirch discovered an issue with the i915 driver that may
- allow local users to cause memory corruption by use of an
- ioctl with insufficient privilege restrictions.
+ Olaf Kirch discovered an issue with the i915 driver that may allow
+ local users to cause memory corruption by use of an ioctl with
+ insufficient privilege restrictions.
-CVE-2008-4113
-CVE-2008-4445
+CVE-2008-4113/CVE-2008-4445
Eugene Teo discovered two issues in the SCTP subsystem which allow
- local users to obtain access to sensitive memory when the SCTP-AUTH
- extension is enabled.
+ local users to obtain access to sensitive memory when the
+ SCTP-AUTH extension is enabled.
For the stable distribution (etch), these problems have been fixed in
version 2.6.24-6~etchnhalf.6.
More information about the kernel-sec-discuss
mailing list