Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26416
HistoryMay 26, 2011 - 12:00 a.m.

[SECURITY] [DSA 2240-1] linux-2.6 security update

2011-05-2600:00:00
vulners.com
25
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Debian Security Advisory DSA-2240-1 [email protected]
http://www.debian.org/security/ dann frazier
May 24, 2011 http://www.debian.org/security/faq

Package : linux-2.6
Vulnerability : privilege escalation/denial of service/information leak
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2010-3875 CVE-2011-0695 CVE-2011-0711 CVE-2011-0726
CVE-2011-1016 CVE-2011-1078 CVE-2011-1079 CVE-2011-1080
CVE-2011-1090 CVE-2011-1160 CVE-2011-1163 CVE-2011-1170
CVE-2011-1171 CVE-2011-1172 CVE-2011-1173 CVE-2011-1180
CVE-2011-1182 CVE-2011-1476 CVE-2011-1477 CVE-2011-1478
CVE-2011-1493 CVE-2011-1494 CVE-2011-1495 CVE-2011-1585
CVE-2011-1593 CVE-2011-1598 CVE-2011-1745 CVE-2011-1746
CVE-2011-1748 CVE-2011-1759 CVE-2011-1767 CVE-2011-1770
CVE-2011-1776 CVE-2011-2022
Debian Bug(s) :

Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service or privilege escalation. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2010-3875

Vasiliy Kulikov discovered an issue in the Linux implementation of the
Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to
sensitive kernel memory.

CVE-2011-0695

Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can
exploit a race condition to cause a denial of service (kernel panic).

CVE-2011-0711

Dan Rosenberg reported an issue in the XFS filesystem. Local users may
obtain access to sensitive kernel memory.

CVE-2011-0726

Kees Cook reported an issue in the /proc/pid/stat implementation. Local
users could learn the text location of a process, defeating protections
provided by address space layout randomization (ASLR).

CVE-2011-1016

Marek Olsak discovered an issue in the driver for ATI/AMD Radeon video
chips. Local users could pass arbitrary values to video memory and the
graphics translation table, resulting in denial of service or escalated
privileges. On default Debian installations, this is exploitable only by
members of the 'video' group.

CVE-2011-1078

Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users
can obtain access to sensitive kernel memory.

CVE-2011-1079

Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users
with the CAP_NET_ADMIN capability can cause a denial of service (kernel
Oops).

CVE-2011-1080

Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users
can obtain access to sensitive kernel memory.

CVE-2011-1090

Neil Horman discovered a memory leak in the setacl() call on NFSv4
filesystems. Local users can explot this to cause a denial of service
(Oops).

CVE-2011-1160

Peter Huewe reported an issue in the Linux kernel's support for TPM security
chips. Local users with permission to open the device can gain access to
sensitive kernel memory.

CVE-2011-1163

Timo Warns reported an issue in the kernel support for Alpha OSF format disk
partitions. Users with physical access can gain access to sensitive kernel
memory by adding a storage device with a specially crafted OSF partition.

CVE-2011-1170

Vasiliy Kulikov reported an issue in the Netfilter arp table
implementation. Local users with the CAP_NET_ADMIN capability can gain
access to sensitive kernel memory.

CVE-2011-1171

Vasiliy Kulikov reported an issue in the Netfilter IP table
implementation. Local users with the CAP_NET_ADMIN capability can gain
access to sensitive kernel memory.

CVE-2011-1172

Vasiliy Kulikov reported an issue in the Netfilter IP6 table
implementation. Local users with the CAP_NET_ADMIN capability can gain
access to sensitive kernel memory.

CVE-2011-1173

Vasiliy Kulikov reported an issue in the Acorn Econet protocol
implementation. Local users can obtain access to sensitive kernel memory on
systems that use this rare hardware.

CVE-2011-1180

Dan Rosenberg reported a buffer overflow in the Information Access Service
of the IrDA protocol, used for Infrared devices. Remote attackers within IR
device range can cause a denial of service or possibly gain elevated
privileges.

CVE-2011-1182

Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local
users can generate signals with falsified source pid and uid information.

CVE-2011-1476

Dan Rosenberg reported issues in the Open Sound System MIDI interface that
allow local users to cause a denial of service. This issue does not affect
official Debian Linux image packages as they no longer provide support for
OSS.  However, custom kernels built from Debians linux-source-2.6.32 may
have enabled this configuration and would therefore be vulnerable.

CVE-2011-1477

Dan Rosenberg reported issues in the Open Sound System driver for cards that
include a Yamaha FM synthesizer chip. Local users can cause memory
corruption resulting in a denial of service. This issue does not affect
official Debian Linux image packages as they no longer provide support for
OSS.  However, custom kernels built from Debians linux-source-2.6.32 may
have enabled this configuration and would therefore be vulnerable.

CVE-2011-1478

Ryan Sweat reported an issue in the Generic Receive Offload (GRO) support in
the Linux networking subsystem. If an interface has GRO enabled and is
running in promiscuous mode, remote users can cause a denial of service
(NULL pointer dereference) by sending packets on an unknown VLAN.

CVE-2011-1493

Dan Rosenburg reported two issues in the Linux implementation of the Amateur
Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of service
by providing specially crafted facilities fields.

CVE-2011-1494

Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided by
the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain
elevated privileges by specially crafted ioctl calls. On default Debian
installations this is not exploitable as this interface is only accessible
to root.

CVE-2011-1495

Dan Rosenberg reported two additional issues in the /dev/mpt2ctl interface
provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users
can obtain elevated privileges and ready arbitrary kernel memory by using
specially crafted ioctl calls. On default Debian installations this is not
exploitable as this interface is only accessible to root.

CVE-2011-1585

Jeff Layton reported an issue in the Common Internet File System (CIFS).
Local users can bypass authentication requirements for shares that are
already mounted by another user.

CVE-2011-1593

Robert Swiecki reported a signednes issue in the next_pidmap() function,
which can be exploited my local users to cause a denial of service.

CVE-2011-1598

Dave Jones reported an issue in the Broadcast Manager Controller Area
Network (CAN/BCM) protocol that may allow local users to cause a NULL
pointer dereference, resulting in a denial of service.

CVE-2011-1745

Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
Local users can obtain elevated privileges or cause a denial of service due
to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian
installations, this is exploitable only by users in the video group.

CVE-2011-1746

Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
Local users can obtain elevated privileges or cause a denial of service due
to missing bounds checking in the agp_allocate_memory and
agp_create_user_memory. On default Debian installations, this is exploitable
only by users in the video group.

CVE-2011-1748

Oliver Kartkopp reported an issue in the Controller Area Network (CAN) raw
socket implementation which permits ocal users to cause a NULL pointer
dereference, resulting in a denial of service.

CVE-2011-1759

Dan Rosenberg reported an issue in the support for executing "old ABI"
binaries on ARM processors. Local users can obtain elevated privileges due
to insufficient bounds checking in the semtimedop system call.

CVE-2011-1767

Alexecy Dobriyan reported an issue in the GRE over IP implementation.
Remote users can cause a denial of service by sending a packet during module
initialization.

CVE-2011-1770

Dan Rosenberg reported an issue in the Datagram Congestion Control Protocol
(DCCP). Remote users can cause a denial of service or potentially obtain
access to sensitive kernel memory.

CVE-2011-1776

Timo Warns reported an issue in the Linux implementation for GUID
partitions. Users with physical access can gain access to sensitive kernel
memory by adding a storage device with a specially crafted corrupted invalid
partition table.

CVE-2011-2022

Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
Local users can obtain elevated privileges or cause a denial of service due
to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian
installations, this is exploitable only by users in the video group.

This update also includes changes queued for the next point release of
Debian 6.0, which also fix various non-security issues. These additional
changes are described in the package changelog which can be viewed at:

http://packages.debian.org/changelogs/pool/main/l/linux-2.6/linux-2.6_26.32-34/changelog

For the stable distribution (squeeze), this problem has been fixed in version
2.6.32-34squeeze1. Updates for issues impacting the oldstable distribution
(lenny) will be available soon.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

                                         Debian 6.0 (squeeze)
 user-mode-linux                         2.6.32-1um-4+34squeeze1

We recommend that you upgrade your linux-2.6 and user-mode-linux packages

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJN3I4aAAoJEBv4PF5U/IZAaa4P/j+l40Mp6naHByZt3jpwNWSA
RN/jkkrYnYNDyT7crB+/DOdu84zalYa2KqfffOd/faV9+NSCBayjJ5c+FvVgeTay
Il8elfcWP/uK0BXJn2xVb7YAsLpIe0HRlhxe72ZqcT4Yxo1/IBnEpUS56JRd2tlA
k7x7dbj+smlzlM4qiXQy1F6LNyDqoGDUKNohQHUoyQ5dGq/gdi3C7EnUs4Nx9vjK
RU1HUWLXB4qm7JpoK6o3u6Hpe0ynZm74tYvTi0XhayGXGevaBvIQuEWqhY6gZF1P
v6a5gvBQC2pRIQXAVUbAhjoXpuF5jahTgicLdJanDqLfhefQ3qV11Ahvui2lzZuT
iKbMVGzO/azPLzskH8YNBq6drFPX2ZqRsxGmrTdzEtLWnJCN6nBBe4kF6C3z5T1A
1ez4/F+OhNl2wnimq3CxiyfXun9WWs6IlULpqsKgJjE4bItg5a8+zTYGjkhQxX+X
fPzO1xZCtQK4i+59Ejs5FwIfps0fA0m8c1Z5bnIaj4Q+0X5sJt2kwws8yrQKoOH1
eKGOgRqM70rOnyW/TQtXDGnTC4+vCCv89UjZUpG+sxZtWUxeh8CL2scUyceTeSNC
IS2+EgvilN+a3hQlYJH4YNshmQCtJDp7qMTLaXLHM9hoV1L383nbJV4AtrFlcsCO
KRI5f0ds95H6TsEoTSmO
=gx2x
-----END PGP SIGNATURE-----

Related

debian 2
nessus 61
osv 2
securityvulns 2
ubuntu 17
openvas 70
redhat 8
oraclelinux 9
centos 2
suse 12
seebug 1
fedora 3
packetstorm 1
vmware 2
prion 2
cve 2
ubuntucve 2
veracode 1
debian
debian
[SECURITY] [DSA 2240-1] linux-2.6 security update
2011-05-25 05:22:29
[SECURITY] [DSA 2264-1] linux-2.6 security update
2011-06-19 01:11:37
nessus
nessus
Debian DSA-2240-1 : linux-2.6 - privilege escalation/denial of service/information leak
2011-06-10 00:00:00
Fedora 14 : kernel-2.6.35.13-91.fc14 (2011-6541)
2011-05-10 00:00:00
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1168-1)
2011-07-18 00:00:00
osv
osv
linux-2.6 - several issues
2011-05-24 00:00:00
linux-2.6 - several issues
2011-06-18 00:00:00
securityvulns
securityvulns
Linux kernel security vulnerabilities
2011-05-26 00:00:00
Linux kernel EFI/XFS DoS
2011-05-25 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2011-07-15 00:00:00
Linux kernel vulnerabilities (EC2)
2011-07-13 00:00:00
Linux kernel vulnerabilities (Marvell Dove)
2011-06-29 00:00:00
openvas
openvas
Ubuntu Update for linux USN-1168-1
2011-07-18 00:00:00
Ubuntu Update for linux USN-1168-1
2011-07-18 00:00:00
Debian Security Advisory DSA 2264-1 (linux-2.6)
2011-08-03 00:00:00
redhat
redhat
(RHSA-2011:0833) Important: kernel security and bug fix update
2011-05-31 00:00:00
(RHSA-2011:0500) Important: kernel-rt security and bug fix update
2011-05-10 00:00:00
(RHSA-2011:1253) Important: kernel-rt security and bug fix update
2011-09-12 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2011-05-31 00:00:00
Unbreakable Enterprise kernel security fix update
2011-05-23 00:00:00
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2011-06-02 00:00:00
centos
centos
kernel security update
2011-05-31 23:49:24
kernel security update
2011-07-18 21:33:40
suse
suse
Security update for Linux kernel (important)
2011-07-25 17:08:29
remote denial of service, potential local in kernel
2011-07-25 15:19:26
remote denial of service, potential remote code in kernel
2011-06-29 16:32:28
seebug
seebug
Linux Kernel Netfilter和Econet实现本地信息泄露漏洞
2011-06-25 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: kernel-2.6.35.13-91.fc14
2011-05-09 20:58:33
[SECURITY] Fedora 14 Update: kernel-2.6.35.13-92.fc14
2011-06-11 04:22:38
[SECURITY] Fedora 14 Update: kernel-2.6.35.14-95.fc14
2011-08-23 04:37:17
packetstorm
packetstorm
Ubuntu Security Notice USN-1202-1
2011-09-14 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
prion
prion
Design/Logic Flaw
2011-05-09 19:55:00
Null pointer dereference
2011-05-09 22:55:00
cve
cve
CVE-2011-2022
2011-05-09 19:55:00
CVE-2011-1598
2011-05-09 22:55:00
ubuntucve
ubuntucve
CVE-2011-2022
2011-05-09 00:00:00
CVE-2011-1598
2011-05-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:02:34
JSON
Related for SECURITYVULNS:DOC:26416
debian2nessus61osv2securityvulns2ubuntu17openvas70redhat8oraclelinux9centos2suse12seebug1fedora3packetstorm1vmware2prion2cve2ubuntucve2veracode1