Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems:
- CVE-2009-0029
Christian Borntraeger discovered an issue affecting the alpha,
mips, powerpc, s390 and sparc64 architectures that allows local
users to cause a denial of service or potentially gain elevated
privileges.
- CVE-2009-0031
Vegard Nossum discovered a memory leak in the keyctl subsystem
that allows local users to cause a denial of service by consuming
all kernel memory.
- CVE-2009-0065
Wei Yongjun discovered a memory overflow in the SCTP
implementation that can be triggered by remote users.
- CVE-2009-0269
Duane Griffin provided a fix for an issue in the eCryptfs
subsystem which allows local users to cause a denial of service
(fault or memory corruption).
- CVE-2009-0322
Pavel Roskin provided a fix for an issue in the dell_rbu driver
that allows a local user to cause a denial of service (oops) by
reading 0 bytes from a sysfs entry.
- CVE-2009-0676
Clement LECIGNE discovered a bug in the sock_getsockopt function
that may result in leaking sensitive kernel memory.
- CVE-2009-0675
Roel Kluin discovered inverted logic in the skfddi driver that
permits local, unprivileged users to reset the driver statistics.
- CVE-2009-0745
Peter Kerwien discovered an issue in the ext4 filesystem that
allows local users to cause a denial of service (kernel oops)
during a resize operation.
- CVE-2009-0746
Sami Liedes reported an issue in the ext4 filesystem that allows
local users to cause a denial of service (kernel oops) when
accessing a specially crafted corrupt filesystem.
- CVE-2009-0747
David Maciejak reported an issue in the ext4 filesystem that
allows local users to cause a denial of service (kernel oops) when
mounting a specially crafted corrupt filesystem.
- CVE-2009-0748
David Maciejak reported an additional issue in the ext4 filesystem
that allows local users to cause a denial of service (kernel oops)
when mounting a specially crafted corrupt filesystem.
For the oldstable distribution (etch), these problems, where applicable,
will be fixed in future updates to linux-2.6 and linux-2.6.24.
For the stable distribution (lenny), these problems have been fixed in
version 2.6.26-13lenny2.
We recommend that you upgrade your linux-2.6 packages.