Computer Security
[EN] securityvulns.ru no-pyccku


Linux kernel multiple security vulnerabilities
Published:04.10.2007
Source:
SecurityVulns ID:8210
Type:local
Threat Level:
6/10
Description:Multiple DoS conditions.
Affected:LINUX : kernel 2.6
CVE:CVE-2007-5093 (The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device.)
 CVE-2007-4133
 CVE-2006-5755 (Linux kernel before 2.6.18, when running on x86_64 systems, does not properly save or restore EFLAGS during a context switch, which allows local users to cause a denial of service (crash) by causing SYSENTER to set an NT flag, which can trigger a crash on the IRET of the next task.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities (04.10.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod