[kernel-sec-discuss] r1743 - dsa-texts
Micah Anderson
micah at alioth.debian.org
Tue Feb 23 00:41:10 UTC 2010
Author: micah
Date: 2010-02-23 00:41:08 +0000 (Tue, 23 Feb 2010)
New Revision: 1743
Modified:
dsa-texts/2.6.18.dfsg.1-26etch2
Log:
fixed ioctl call, and justified paragraphs
Modified: dsa-texts/2.6.18.dfsg.1-26etch2
===================================================================
--- dsa-texts/2.6.18.dfsg.1-26etch2 2010-02-23 00:20:57 UTC (rev 1742)
+++ dsa-texts/2.6.18.dfsg.1-26etch2 2010-02-23 00:41:08 UTC (rev 1743)
@@ -14,13 +14,14 @@
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
-Vulnerabilities and Exposures project identifies the following problems:
+Vulnerabilities and Exposures project identifies the following
+problems:
CVE-2009-3080
Dave Jones reported an issue in the gdth SCSI driver. A missing
- check for negative offsets in ioctl called could be exploited
- by local users to create a denial of service or potentially gain
+ check for negative offsets in an ioctl call could be exploited by
+ local users to create a denial of service or potentially gain
elevated privileges.
CVE-2009-3726
@@ -31,16 +32,17 @@
CVE-2009-4005
- Roel Kluin discovered an issue in the hfc_usb driver, an ISDN driver
- for Colognechip HFC-S USB chip. A potential read overflow exists which
- may allow remote users to cause a denial of service condition (oops).
+ Roel Kluin discovered an issue in the hfc_usb driver, an ISDN
+ driver for Colognechip HFC-S USB chip. A potential read overflow
+ exists which may allow remote users to cause a denial of service
+ condition (oops).
CVE-2009-4020
Amerigo Wang discovered an issue in the HFS filesystem that would
- allow a denial of service by a local user who has sufficient privileges
- to mount a specially crafted filesystem.
+ allow a denial of service by a local user who has sufficient
+ privileges to mount a specially crafted filesystem.
CVE-2009-4021
@@ -76,9 +78,9 @@
CVE-2010-0622
- Jermome Marchand reported an issue in the futex subsystem
- that allows a local user to force an invalid futex state
- which results in a denial of service (oops).
+ Jermome Marchand reported an issue in the futex subsystem that
+ allows a local user to force an invalid futex state which results
+ in a denial of service (oops).
For the oldstable distribution (etch), this problem has been fixed in
version 2.6.18.dfsg.1-26etch2.
More information about the kernel-sec-discuss
mailing list