
Test ID:
Category: Debian Local Security Checks
Title: Debian Security Advisory DSA 1436-1 (linux-2.6)
The remote host is missing an update to linux-2.6
announced via advisory DSA 1436-1.

Several local vulnerabilities have been discovered in the Linux kernel
that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:


LMH reported an issue in the minix filesystem that allows local users
with mount privileges to create a DoS (printk flood) by mounting a
specially crafted corrupt filesystem.


Warren Togami discovered an issue in the hrtimer subsystem that allows
a local user to cause a DoS (soft lockup) by requesting a timer sleep
for a long period of time leading to an integer overflow.


Venustech AD-LAB discovered a buffer overflow in the isdn ioctl
handling, exploitable by a local user.


Blake Frantz discovered that when a core file owned by a non-root user
exists, and a root-owned process dumps core over it, the core file
retains its original ownership. This could be used by a local user to
gain access to sensitive information.


Hugh Dickins discovered an issue in the tmpfs filesystem where, under
a rare circumstance, a kernel page may be improperly cleared, leaking
sensitive kernel memory to userspace or resulting in a DoS (crash).

These problems have been fixed in the stable distribution in version

The following matrix lists additional packages that were rebuilt for
compatibility with or to take advantage of this update:

Debian 4.0 (etch)
fai-kernels 1.17+etch.13etch6
user-mode-linux 2.6.18-1um-2etch.13etch6

We recommend that you upgrade your kernel package immediately and reboot


CVSS Score:

CVSS Vector:

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2006-6058
Debian Security Information: DSA-1436
Debian Security Information: DSA-1504
SuSE Security Announcement: SUSE-SA:2007:059
Common Vulnerability Exposure (CVE) ID: CVE-2007-5966
BugTraq ID: 26880
Bugtraq: 20071218 rPSA-2007-0269-1 kernel
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
SuSE Security Announcement: SUSE-SA:2008:006
Common Vulnerability Exposure (CVE) ID: CVE-2007-6063
BugTraq ID: 26605
Debian Security Information: DSA-1503
RedHat Security Advisories: RHSA-2008:0055
SuSE Security Announcement: SUSE-SA:2007:064
Common Vulnerability Exposure (CVE) ID: CVE-2007-6206
BugTraq ID: 26701
Bugtraq: 20080208 rPSA-2008-0048-1 kernel
SuSE Security Announcement: SUSE-SA:2008:007
SuSE Security Announcement: SUSE-SA:2008:030
SuSE Security Announcement: SUSE-SA:2008:032
XForce ISS Database: kernel-core-dump-information-disclosure(38841)
Common Vulnerability Exposure (CVE) ID: CVE-2007-6417
BugTraq ID: 27694
Copyright: Copyright (c) 2007 E-Soft Inc.

© 1998-2022 E-Soft Inc. All rights reserved.