Computer Security
[EN] securityvulns.ru no-pyccku


Linux multiple security vulnerabilities
Published:21.12.2007
Source:
SecurityVulns ID:8485
Type:local
Threat Level:
7/10
Description:DoS with minix filesystem, integer overflow in hrtimer subsystem, buffer overflow on ISDN IOCTL handling, invalid coredump files handling.
Affected:LINUX : kernel 2.6
CVE:CVE-2007-6417 (The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances, which might allow local users to read sensitive kernel data or cause a denial of service (crash).)
 CVE-2007-6206 (The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.)
 CVE-2007-6063 (Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function.)
 CVE-2007-5966 (Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information.)
 CVE-2006-6058 (The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness error.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities (21.12.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod