• [SECURITY] [DSA 2264-1] linux-2.6 security update (1/2)

    From dann frazier@1:229/2 to All on Sun Jun 19 03:20:01 2011
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-2264-1                [email protected]
    http://www.debian.org/security/                           dann frazier
    June 18, 2011                       http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : linux-2.6
    Vulnerability : privilege escalation/denial of service/information leak
    Problem type : local/remote
    Debian-specific: no
    CVE Id(s) : CVE-2010-2524 CVE-2010-3875 CVE-2010-4075 CVE-2010-4655
    CVE-2011-0695 CVE-2011-0710 CVE-2011-0711 CVE-2011-0726
    CVE-2011-1010 CVE-2011-1012 CVE-2011-1017 CVE-2011-1078
    CVE-2011-1079 CVE-2011-1080 CVE-2011-1090 CVE-2011-1093
    CVE-2011-1160 CVE-2011-1163 CVE-2011-1170 CVE-2011-1171
    CVE-2011-1172 CVE-2011-1173 CVE-2011-1180 CVE-2011-1182
    CVE-2011-1477 CVE-2011-1493 CVE-2011-1577 CVE-2011-1593
    CVE-2011-1598 CVE-2011-1745 CVE-2011-1746 CVE-2011-1748
    CVE-2011-1759 CVE-2011-1767 CVE-2011-1768 CVE-2011-1776
    CVE-2011-2022 CVE-2011-2182
    Debian Bug : 618485

    Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems:

    CVE-2010-2524

    David Howells reported an issue in the Common Internet File System (CIFS).
    Local users could cause arbitrary CIFS shares to be mounted by introducing
    malicious redirects.

    CVE-2010-3875

    Vasiliy Kulikov discovered an issue in the Linux implementation of the
    Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to
    sensitive kernel memory.

    CVE-2010-4075

    Dan Rosenberg reported an issue in the tty layer that may allow local
    users to obtain access to sensitive kernel memory.

    CVE-2010-4655

    Kees Cook discovered several issues in the ethtool interface which may
    allow local users with the CAP_NET_ADMIN capability to obtain access to
    sensitive kernel memory.

    CVE-2011-0695

    Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can
    exploit a race condition to cause a denial of service (kernel panic).

    CVE-2011-0710

    Al Viro reported an issue in the /proc/<pid>/status interface on the
    s390 architecture. Local users could gain access to sensitive memory
    in processes they do not own via the task_show_regs entry.

    CVE-2011-0711

    Dan Rosenberg reported an issue in the XFS filesystem. Local users may
    obtain access to sensitive kernel memory.

    CVE-2011-0726

    Kees Cook reported an issue in the /proc/pid/stat implementation. Local
    users could learn the text location of a process, defeating protections
    provided by address space layout randomization (ASLR).

    CVE-2011-1010

    Timo Warns reported an issue in the Linux support for Mac partition tables.
    Local users with physical access could cause a denial of service (panic)
    by adding a storage device with a malicious map_count value.

    CVE-2011-1012

    Timo Warns reported an issue in the Linux support for Mac partition tables.
    Local users with physical access could cause a denial of service (panic)
    by adding a storage device with a malicious map_count value.

    CVE-2011-1017

    Timo Warns reported an issue in the Linux support for LDM partition tables.
    Users with physical access can gain access to sensitive kernel memory or
    gain elevated privileges by adding a storage device with a specially
    crafted LDM partition.

    CVE-2011-1078

    Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users
    can obtain access to sensitive kernel memory.

    CVE-2011-1079

    Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users
    with the CAP_NET_ADMIN capability can cause a denial of service (kernel
    Oops).

    CVE-2011-1080

    Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users
    can obtain access to sensitive kernel memory.

    CVE-2011-1090

    Neil Horman discovered a memory leak in the setacl() call on NFSv4
    filesystems. Local users can exploit this to cause a denial of service
    (Oops).

    CVE-2011-1093

    Johan Hovold reported an issue in the Datagram Congestion Control Protocol
    (DCCP) implementation. Remote users could cause a denial of service by
    sending data after closing a socket.

    CVE-2011-1160

    Peter Huewe reported an issue in the Linux kernel's support for TPM security
    chips. Local users with permission to open the device can gain access to
    sensitive kernel memory.

    CVE-2011-1163

    Timo Warns reported an issue in the kernel support for Alpha OSF format disk
    partitions. Users with physical access can gain access to sensitive kernel
    memory by adding a storage device with a specially crafted OSF partition.

    CVE-2011-1170

    Vasiliy Kulikov reported an issue in the Netfilter arp table
    implementation. Local users with the CAP_NET_ADMIN capability can gain
    access to sensitive kernel memory.

    CVE-2011-1171

    Vasiliy Kulikov reported an issue in the Netfilter IP table
    implementation. Local users with the CAP_NET_ADMIN capability can gain
    access to sensitive kernel memory.

    CVE-2011-1172

    Vasiliy Kulikov reported an issue in the Netfilter IP6 table
    implementation. Local users with the CAP_NET_ADMIN capability can gain
    access to sensitive kernel memory.

    CVE-2011-1173

    Vasiliy Kulikov reported an issue in the Acorn Econet protocol
    implementation. Local users can obtain access to sensitive kernel memory on
    systems that use this rare hardware.

    CVE-2011-1180

    Dan Rosenberg reported a buffer overflow in the Information Access Service
    of the IrDA protocol, used for Infrared devices. Remote attackers within IR

    [continued in next message]
