Test ID:
Category: Debian Local Security Checks
Title: Debian Security Advisory DSA 2094-1 (linux-2.6)
The remote host is missing an update to linux-2.6
announced via advisory DSA 2094-1.

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:


Kyle Bader reported an issue in the tty subsystem that allows local
users to create a denial of service (NULL pointer dereference).


Dan Rosenberg reported an issue in the xfs filesystem that allows local
users to copy and read a file owned by another user, for which they
only have write permissions, due to a lack of permission checking in the


Rafal Wojtczuk reported an issue that allows users to obtain escalated
privileges. Users must already have sufficient privileges to execute or
connect clients to an Xorg server.


Suresh Jayaraman discovered an issue in the CIFS filesystem. A malicious
file server can set an incorrect CountHigh value, resulting in a
denial of service (BUG_ON() assertion).


Neil Brown reported an issue in the NFSv4 server code. A malicious client
could trigger a denial of service (Oops) on a server due to a bug in
the read_buf() routine.


Bob Peterson reported an issue in the GFS2 file system. A file system
user could cause a denial of service (Oops) via certain rename


Kees Cook reported an issue in the DRM (Direct Rendering Manager)
subsystem. Local users with sufficient privileges (local X users
or members of the 'video' group on a default Debian install) could
acquire access to sensitive kernel memory.


Ben Hawkes discovered an issue in the AF_CAN socket family. An integer
overflow condition may allow local users to obtain elevated privileges.


Toshiyuki Okajima reported an issue in the ext4 filesystem. Local users
could trigger a denial of service (BUG assertion) by generating a specific
set of filesystem operations.

This update also fixes a regression introduced by a previous
update. See the referenced Debian bug page for details.

For the stable distribution (lenny), this problem has been fixed in
version 2.6.26-24lenny1.

We recommend that you upgrade your linux-2.6 and user-mode-linux


CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-4895
Debian Security Information: DSA-2094
Common Vulnerability Exposure (CVE) ID: CVE-2010-2226
BugTraq ID: 40920
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
SuSE Security Announcement: SUSE-SA:2010:060
SuSE Security Announcement: SUSE-SA:2011:007
Common Vulnerability Exposure (CVE) ID: CVE-2010-2240
Bugtraq: 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
RedHat Security Advisories: RHSA-2010:0661
Common Vulnerability Exposure (CVE) ID: CVE-2010-2248
BugTraq ID: 42242
RedHat Security Advisories: RHSA-2010:0606
Common Vulnerability Exposure (CVE) ID: CVE-2010-2521
BugTraq ID: 42249
SuSE Security Announcement: SUSE-SA:2010:040
Common Vulnerability Exposure (CVE) ID: CVE-2010-2798
BugTraq ID: 42124
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
SuSE Security Announcement: SUSE-SA:2010:054
Common Vulnerability Exposure (CVE) ID: CVE-2010-2803
SuSE Security Announcement: SUSE-SA:2010:041
Common Vulnerability Exposure (CVE) ID: CVE-2010-2959
BugTraq ID: 42585
Common Vulnerability Exposure (CVE) ID: CVE-2010-3015
BugTraq ID: 42477
XForce ISS Database: kernel-stacksize-dos(61156)
Copyright: Copyright (c) 2010 E-Soft Inc.
© 1998-2022 E-Soft Inc. All rights reserved.