Several vulnerabilities have been discovered in the Linux kernel that may
lead to a denial of service. The Common Vulnerabilities and Exposures
project identifies the following problems:
- CVE-2007-6712
Johannes Bauer discovered an integer overflow condition in the hrtimer
subsystem on 64-bit systems. This can be exploited by local users to
trigger a denial of service (DoS) by causing the kernel to execute an
infinite loop.
- CVE-2008-1615
Jan Kratochvil reported a local denial of service condition that
permits local users on systems running the amd64 flavor kernel
to cause a system crash.
- CVE-2008-2136
Paul Harks discovered a memory leak in the Simple Internet Transition
(SIT) code used for IPv6 over IPv4 tunnels. This can be exploited
by remote users to cause a denial of service condition.
- CVE-2008-2137
David Miller and Jan Lieskovsky discovered issues with the virtual
address range checking of mmaped regions on the sparc architecture
that may be exploited by local users to cause a denial of service.
For the stable distribution (etch), this problem has been fixed in version
2.6.18.dfsg.1-18etch5.
Builds for linux-2.6/s390 and fai-kernels/powerpc were not yet available at
the time of this advisory. This advisory will be updated as these builds
become available.
We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.