Several local vulnerabilities have been discovered in the Linux kernel
that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
- CVE-2007-6694
Cyrill Gorcunov reported a NULL pointer dereference in code specific
to the CHRP PowerPC platforms. Local users could exploit this issue
to achieve a Denial of Service (DoS).
- CVE-2008-0007
Nick Piggin of SuSE discovered a number of issues in subsystems which
register a fault handler for memory mapped areas. This issue can be
exploited by local users to achieve a Denial of Service (DoS) and possibly
execute arbitrary code.
- CVE-2008-1294
David Peer discovered that users could escape administrator imposed cpu
time limitations (RLIMIT_CPU) by setting a limit of 0.
- CVE-2008-1375
Alexander Viro discovered a race condition in the directory notification
subsystem that allows local users to cause a Denial of Service (oops)
and possibly result in an escalation of privileges.
For the stable distribution (etch), these problems have been fixed in version
2.6.18.dfsg.1-18etch3.
The unstable (sid) and testing distributions will be fixed soon.
We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.