Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-6058 LMH reported an issue in the minix filesystem that allows local users with mount privileges to create a DoS (printk flood) by mounting a specially crafted corrupt filesystem. CVE-2007-5966 Warren Togami discovered an issue in the hrtimer subsystem that allows a local user to cause a DoS (soft lockup) by requesting a timer sleep for a long period of time leading to an integer overflow. CVE-2007-6063 Venustech AD-LAB discovered a buffer overflow in the isdn ioctl handling, exploitable by a local user. CVE-2007-6206 Blake Frantz discovered that when a core file owned by a non-root user exists, and a root-owned process dumps core over it, the core file retains its original ownership. This could be used by a local user to gain access to sensitive information. CVE-2007-6417 Hugh Dickins discovered an issue in the tmpfs filesystem where, under a rare circumstance, a kernel page may be improperly cleared, leaking sensitive kernel memory to userspace or resulting in a DoS (crash). These problems have been fixed in the stable distribution in version 2.6.18.dfsg.1-13etch6. The following matrix lists additional packages that were rebuilt for compatibility with or to take advantage of this update: Debian 4.0 (etch) fai-kernels 1.17+etch.13etch6 user-mode-linux 2.6.18-1um-2etch.13etch6 We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.
Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:
LMH reported an issue in the minix filesystem that allows local users with mount privileges to create a DoS (printk flood) by mounting a specially crafted corrupt filesystem.
Warren Togami discovered an issue in the hrtimer subsystem that allows a local user to cause a DoS (soft lockup) by requesting a timer sleep for a long period of time leading to an integer overflow.
Venustech AD-LAB discovered a buffer overflow in the isdn ioctl handling, exploitable by a local user.
Blake Frantz discovered that when a core file owned by a non-root user exists, and a root-owned process dumps core over it, the core file retains its original ownership. This could be used by a local user to gain access to sensitive information.
Hugh Dickins discovered an issue in the tmpfs filesystem where, under a rare circumstance, a kernel page may be improperly cleared, leaking sensitive kernel memory to userspace or resulting in a DoS (crash).
These problems have been fixed in the stable distribution in version 2.6.18.dfsg.1-13etch6.
The following matrix lists additional packages that were rebuilt for compatibility with or to take advantage of this update:
Debian 4.0 (etch) | |
---|---|
fai-kernels | 1.17+etch.13etch6 |
user-mode-linux | 2.6.18-1um-2etch.13etch6 |
We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.
MD5 checksums of the listed files are available in the original advisory.