| Summary: | The remote host is missing an update for the Debian 'fai-kernels, kernel-image-2.6.8-alpha, kernel-image-2.6.8-amd64, kernel-image-2.6.8-hppa, kernel-image-2.6.8-i386, kernel-image-2.6.8-ia64, kernel-image-2.6.8-m68k, kernel-image-2.6.8-s390, kernel-image-2.6.8-sparc, kernel-patch-powerpc-2.6.8, kernel-source-2.6.8' package(s) announced via the DSA-1504-1 advisory. |
| Description: | Summary:
The remote host is missing an update for the Debian 'fai-kernels, kernel-image-2.6.8-alpha, kernel-image-2.6.8-amd64, kernel-image-2.6.8-hppa, kernel-image-2.6.8-i386, kernel-image-2.6.8-ia64, kernel-image-2.6.8-m68k, kernel-image-2.6.8-s390, kernel-image-2.6.8-sparc, kernel-patch-powerpc-2.6.8, kernel-source-2.6.8' package(s) announced via the DSA-1504-1 advisory.
Vulnerability Insight:
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2006-5823
LMH reported a potential local DoS which could be exploited by a malicious user with the privileges to mount and read a corrupted cramfs filesystem.
CVE-2006-6054
LMH reported a potential local DoS which could be exploited by a malicious user with the privileges to mount and read a corrupted ext2 filesystem.
CVE-2006-6058
LMH reported an issue in the minix filesystem that allows local users with mount privileges to create a DoS (printk flood) by mounting a specially crafted corrupt filesystem.
CVE-2006-7203
OpenVZ Linux kernel team reported an issue in the smbfs filesystem which can be exploited by local users to cause a DoS (oops) during mount.
CVE-2007-1353
Ilja van Sprundel discovered that kernel memory could be leaked via the Bluetooth setsockopt call due to an uninitialized stack buffer. This could be used by local attackers to read the contents of sensitive kernel memory.
CVE-2007-2172
Thomas Graf reported a typo in the DECnet protocol handler that could be used by a local attacker to overrun an array via crafted packets, potentially resulting in a Denial of Service (system crash). A similar issue exists in the IPV4 protocol handler and will be fixed in a subsequent update.
CVE-2007-2525
Florian Zumbiehl discovered a memory leak in the PPPOE subsystem caused by releasing a socket before PPPIOCGCHAN is called upon it. This could be used by a local user to DoS a system by consuming all available memory.
CVE-2007-3105
The PaX Team discovered a potential buffer overflow in the random number generator which may permit local users to cause a denial of service or gain additional privileges. This issue is not believed to effect default Debian installations where only root has sufficient privileges to exploit it.
CVE-2007-3739
Adam Litke reported a potential local denial of service (oops) on powerpc platforms resulting from unchecked VMA expansion into address space reserved for hugetlb pages.
CVE-2007-3740
Steve French reported that CIFS filesystems with CAP_UNIX enabled were not honoring a process' umask which may lead to unintentionally relaxed permissions.
CVE-2007-3848
Wojciech Purczynski discovered that pdeath_signal was not being reset properly under certain conditions which may allow local users to gain privileges by sending arbitrary signals to suid binaries.
CVE-2007-4133
Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs. A misconversion of hugetlb_vmtruncate_list to prio_tree may allow local users to trigger a BUG_ON() call in exit_mmap.
CVE-2007-4308
Alan Cox reported an issue in the aacraid driver that allows unprivileged local users to make ioctl calls which should be ... [Please see the references for more information on the vulnerabilities]
Affected Software/OS:
'fai-kernels, kernel-image-2.6.8-alpha, kernel-image-2.6.8-amd64, kernel-image-2.6.8-hppa, kernel-image-2.6.8-i386, kernel-image-2.6.8-ia64, kernel-image-2.6.8-m68k, kernel-image-2.6.8-s390, kernel-image-2.6.8-sparc, kernel-patch-powerpc-2.6.8, kernel-source-2.6.8' package(s) on Debian 3.1.
Solution:
Please install the updated package(s).
CVSS Score:
7.8
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
