Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-0231 Jan Beulich provided a fix for an issue in the Xen PCI backend drivers. Users of guests on a system using passed-through PCI devices can create a denial of service of the host system due to the use of non-ratelimited kernel log messages. CVE-2013-0871 Suleiman Souhlal and Salman Qazi of Google, with help from Aaron Durbin and Michael Davidson of Google, discovered an issue in the ptrace subsystem. Due to a race condition with PTRACE_SETREGS, local users can cause kernel stack corruption and execution of arbitrary code. For the stable distribution (squeeze), this problem has been fixed in version 2.6.32-48squeeze1. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 6.0 (squeeze) user-mode-linux 2.6.32-1um-4+48squeeze1 We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:
Jan Beulich provided a fix for an issue in the Xen PCI backend drivers. Users of guests on a system using passed-through PCI devices can create a denial of service of the host system due to the use of non-ratelimited kernel log messages.
Suleiman Souhlal and Salman Qazi of Google, with help from Aaron Durbin and Michael Davidson of Google, discovered an issue in the ptrace subsystem. Due to a race condition with PTRACE_SETREGS, local users can cause kernel stack corruption and execution of arbitrary code.
For the stable distribution (squeeze), this problem has been fixed in version 2.6.32-48squeeze1.
The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:
Debian 6.0 (squeeze) | |
---|---|
user-mode-linux | 2.6.32-1um-4+48squeeze1 |
We recommend that you upgrade your linux-2.6 and user-mode-linux packages.