[continued from previous message]

a denial of service or possibly elevated privileges due to a use-after-
free defect.

CVE-2013-1773

Alan Stern provided a fix for a defect in the UTF8->UTF16 string conversion
facility used by the VFAT filesystem. A local user could cause a buffer
overflow condition, resulting in a denial of service or potentially
elevated privileges.

CVE-2013-1774

Wolfgang Frisch provided a fix for a NULL-pointer dereference defect
in the driver for some serial USB devices from Inside Out Networks.
Local users with permission to access these devices can create a denial
of service (kernel oops) by causing the device to be removed while it is
in use.

CVE-2013-1792

Mateusz Guzik of Red Hat EMEA GSS SEG Team discovered a race condition
in the access key retention support in the kernel. A local user could
cause a denial of service (NULL pointer dereference).

CVE-2013-1796

Andrew Honig of Google reported an issue in the KVM subsystem. A user in
a guest operating system could corrupt kernel memory, resulting in a
denial of service.

CVE-2013-1798

Andrew Honig of Google reported an issue in the KVM subsystem. A user in
a guest operating system could cause a denial of service due to a use-
after-free defect.

CVE-2013-1826

Mathias Krause discovered an issue in the Transformation (XFRM) user
configuration interface of the networking stack. A user with the
CAP_NET_ADMIN capability maybe able to gain elevated privileges.

CVE-2013-1860

Oliver Neukum discovered an issue in the USB CDC WCM Device Management
driver. Local users with the ability to attach devices can cause a
denial of service (kernel crash) or potentially gain elevated privileges.

CVE-2013-1928

Kees Cook provided a fix for an information leak in the
VIDEO_SET_SPU_PALETTE ioctl for 32-bit applications running on a 64-bit
kernel. Local users can gain access to sensitive kernel memory.

CVE-2013-1929

Oded Horovitz and Brad Spengler reported an issue in the device driver for
Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach
untrusted devices can create an overflow condition, resulting in a denial
of service or elevated privileges.

CVE-2013-2015

Theodore Ts'o provided a fix for an issue in the ext4 filesystem. Local
users with the ability to mount a specially crafted filesystem can cause
a denial of service (infinite loop).

CVE-2013-2634

Mathias Krause discovered a few issues in the Data Center Bridging (DCB)
netlink interface. Local users can gain access to sensitive kernel memory.

CVE-2013-3222

Mathias Krauss discovered an issue in the Asynchronous Transfer Mode (ATM)
protocol support. Local users can gain access to sensitive kernel memory.

CVE-2013-3223

Mathias Krauss discovered an issue in the Amateur Radio AX.25 protocol
support. Local users can gain access to sensitive kernel memory.

CVE-2013-3224

Mathias Krauss discovered an issue in the Bluetooth subsystem. Local users
can gain access to sensitive kernel memory.

CVE-2013-3225

Mathias Krauss discovered an issue in the Bluetooth RFCOMM protocol
support. Local users can gain access to sensitive kernel memory.

CVE-2013-3228

Mathias Krauss discovered an issue in the IrDA (infrared) subsystem
support. Local users can gain access to sensitive kernel memory.

CVE-2013-3229

Mathias Krauss discovered an issue in the IUCV support on s390 systems.
Local users can gain access to sensitive kernel memory.

CVE-2013-3231

Mathias Krauss discovered an issue in the ANSI/IEEE 802.2 LLC type 2
protocol support. Local users can gain access to sensitive kernel memory.

CVE-2013-3234

Mathias Krauss discovered an issue in the Amateur Radio X.25 PLP (Rose)
protocol support. Local users can gain access to sensitive kernel memory.

CVE-2013-3235

Mathias Krauss discovered an issue in the Transparent Inter Process
Communication (TIPC) protocol support. Local users can gain access to
sensitive kernel memory.

For the oldstable distribution (squeeze), this problem has been fixed in version 2.6.32-48squeeze3.

The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:

Debian 6.0 (squeeze)
user-mode-linux 2.6.32-1um-4+48squeeze3

We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJRkox3AAoJEBv4PF5U/IZA8i8P/0HmqD/hYRYRdiYAs9eAnvKv 1zhrLJWN0xoRresucZhlm6nR/MLSjDJ4WZCvUPxJV9wnKRRaOq8satYK1dB4kn39 mEQr1WXMU9ojY4edMjRHsF0qcAVotJKsckmnecBd91KEd73SzeSg6zff7fQmAqWD xa8pYdJtBt1A0V0w36Wp+nuqrcyrKD/xMT24oQnWf8uwaiPABI5Ujw0QqysO+48z MhvP6PPpkkiVJ1zfGJMKPC9d2GwVqKHfQpyS0JCtrm9aeuN3oYg2bahEb+Rk905z TCqi9ubLVlWvz4pNycR8kNE0uLhaP71KXcBkRN1Z9G6XTbYxsFuilGyp98ExcwxX j4Psn9jwaCHDQLbNt+P4JiV9cH6FFnwGHgi248nkEbBBRTzyCAdOQDg5h8Otn39O 2UlvFQUNQzU/s0mtmuj5b+gqGS4BelQYmKitJYga0ZpePSJ+GPpK1bSSbKeidUp6 jjxLIcG66OqTUdE14REOQa+yru9j2SpaAdXE62bW+uw5AGeaN6lZk4/kZTFXiZYc 4sZPVY3A0H7IUo56i+r6KwRqOUCoPKT2MmUp+Qw+OW1so3LAvFjhjkITvcIUllgf l4B6kau4NASZUBfXAd7ClWYLJqu8zGunIdJFI1UtVqy2iYxbCEdyQUotmsvf6Pxy HE5aT4RfgwD6zOmV/Pcq
=q9q5
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

--
Jon Marshall
Workshop IT: www.workshopit.co.uk
e:[email protected] t:020 7183 0498


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)

[continued from previous message]

Oliver Neukum discovered an issue in the USB CDC WCM Device Management
driver. Local users with the ability to attach devices can cause a
denial of service (kernel crash) or potentially gain elevated privileges.

CVE-2013-1928

Kees Cook provided a fix for an information leak in the
VIDEO_SET_SPU_PALETTE ioctl for 32-bit applications running on a 64-bit
kernel. Local users can gain access to sensitive kernel memory.

CVE-2013-1929

Oded Horovitz and Brad Spengler reported an issue in the device driver for
Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach
untrusted devices can create an overflow condition, resulting in a denial
of service or elevated privileges.

CVE-2013-2015

Theodore Ts'o provided a fix for an issue in the ext4 filesystem. Local
users with the ability to mount a specially crafted filesystem can cause
a denial of service (infinite loop).

CVE-2013-2634

Mathias Krause discovered a few issues in the Data Center Bridging (DCB)
netlink interface. Local users can gain access to sensitive kernel memory.

CVE-2013-3222

Mathias Krauss discovered an issue in the Asynchronous Transfer Mode (ATM)
protocol support. Local users can gain access to sensitive kernel memory.

CVE-2013-3223

Mathias Krauss discovered an issue in the Amateur Radio AX.25 protocol
support. Local users can gain access to sensitive kernel memory.

CVE-2013-3224

Mathias Krauss discovered an issue in the Bluetooth subsystem. Local users
can gain access to sensitive kernel memory.

CVE-2013-3225

Mathias Krauss discovered an issue in the Bluetooth RFCOMM protocol
support. Local users can gain access to sensitive kernel memory.

CVE-2013-3228

Mathias Krauss discovered an issue in the IrDA (infrared) subsystem
support. Local users can gain access to sensitive kernel memory.

CVE-2013-3229

Mathias Krauss discovered an issue in the IUCV support on s390 systems.
Local users can gain access to sensitive kernel memory.

CVE-2013-3231

Mathias Krauss discovered an issue in the ANSI/IEEE 802.2 LLC type 2
protocol support. Local users can gain access to sensitive kernel memory.

CVE-2013-3234

Mathias Krauss discovered an issue in the Amateur Radio X.25 PLP (Rose)
protocol support. Local users can gain access to sensitive kernel memory.

CVE-2013-3235

Mathias Krauss discovered an issue in the Transparent Inter Process
Communication (TIPC) protocol support. Local users can gain access to
sensitive kernel memory.

For the oldstable distribution (squeeze), this problem has been fixed in version 2.6.32-48squeeze3.

The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:

Debian 6.0 (squeeze)
user-mode-linux 2.6.32-1um-4+48squeeze3

We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJRkox3AAoJEBv4PF5U/IZA8i8P/0HmqD/hYRYRdiYAs9eAnvKv 1zhrLJWN0xoRresucZhlm6nR/MLSjDJ4WZCvUPxJV9wnKRRaOq8satYK1dB4kn39 mEQr1WXMU9ojY4edMjRHsF0qcAVotJKsckmnecBd91KEd73SzeSg6zff7fQmAqWD xa8pYdJtBt1A0V0w36Wp+nuqrcyrKD/xMT24oQnWf8uwaiPABI5Ujw0QqysO+48z MhvP6PPpkkiVJ1zfGJMKPC9d2GwVqKHfQpyS0JCtrm9aeuN3oYg2bahEb+Rk905z TCqi9ubLVlWvz4pNycR8kNE0uLhaP71KXcBkRN1Z9G6XTbYxsFuilGyp98ExcwxX j4Psn9jwaCHDQLbNt+P4JiV9cH6FFnwGHgi248nkEbBBRTzyCAdOQDg5h8Otn39O 2UlvFQUNQzU/s0mtmuj5b+gqGS4BelQYmKitJYga0ZpePSJ+GPpK1bSSbKeidUp6 jjxLIcG66OqTUdE14REOQa+yru9j2SpaAdXE62bW+uw5AGeaN6lZk4/kZTFXiZYc 4sZPVY3A0H7IUo56i+r6KwRqOUCoPKT2MmUp+Qw+OW1so3LAvFjhjkITvcIUllgf l4B6kau4NASZUBfXAd7ClWYLJqu8zGunIdJFI1UtVqy2iYxbCEdyQUotmsvf6Pxy HE5aT4RfgwD6zOmV/Pcq
=q9q5
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)