[Bug 187275] [NEW] [linux-source] several local vulnerabilities
hk47
bugtracker at slideomania.com
Wed Jan 30 10:08:44 UTC 2008
Public bug reported:
Binary package hint: linux-source
References:
DSA-1479-1 (http://www.debian.org/security/2008/dsa-1479)
Quoting:
"Several local vulnerabilities have been discovered in the Linux kernel
that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems: [...]
CVE-2007-4571
Takashi Iwai supplied a fix for a memory leak in the snd_page_alloc module.
Local users could exploit this issue to obtain sensitive information from
the kernel.
CVE-2007-6151
ADLAB discovered a possible memory overrun in the ISDN subsystem that
may permit a local user to overwrite kernel memory leading by issuing
ioctls with unterminated data.
CVE-2008-0001
Bill Roman of Datalight noticed a coding error in the linux VFS subsystem
that, under certain conditions, can allow local users to remove
directories for which they should not have removal privileges."
** Affects: linux-meta (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-4571
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-6151
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-0001
--
[linux-source] several local vulnerabilities
https://bugs.launchpad.net/bugs/187275
You received this bug notification because you are a member of Kernel
Bugs, which is a bug contact for linux-meta in ubuntu.
More information about the kernel-bugs
mailing list