Vulnerability : several Problem type : remote Debian-specific: no CVE IDs : CVE-2004-2302 CVE-2005-0756 CVE-2005-0757 CVE-2005-1265 CVE-2005-1761 CVE-2005-1762 CVE-2005-1763 CVE-2005-1765 CVE-2005-1767 CVE-2005-2456 CVE-2005-2458 CVE-2005-2459 CVE-2005-2548 CVE-2005-2801 CVE-2005-2872 CVE-2005-3105 CVE-2005-3106 CVE-2005-3107 CVE-2005-3108 CVE-2005-3109 CVE-2005-3110 CVE-2005-3271 CVE-2005-3272 CVE-2005-3273 CVE-2005-3274 CVE-2005-3275 CVE-2005-3276 BugTraq IDs : 14477 15527 15528 15533 Debian Bugs : 309308 311164 321401 322237 322339
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilieis and Exposures project identifies the following problems:
CVE-2004-2302
A race condition in the sysfs filesystem allows local users to
read kernel memory and cause a denial of service (crash).
CVE-2005-0756
Alexander Nyberg discovered that the ptrace() system call does not
properly verify addresses on the amd64 architecture which can be
exploited by a local attacker to crash the kernel.
CVE-2005-0757
A problem in the offset handling in the xattr file system code for
ext3 has been discovered that may allow users on 64-bit systems
that have access to an ext3 filesystem with extended attributes to
cause the kernel to crash.
CVE-2005-1265
Chris Wright discovered that the mmap() function could create
illegal memory maps that could be exploited by a local user to
crash the kernel or potentially execute arbitrary code.
CVE-2005-1761
A vulnerability on the IA-64 architecture can lead local attackers
to overwrite kernel memory and crash the kernel.
CVE-2005-1762
A vulnerability has been discovered in the ptrace() system call on
the amd64 architecture that allowas a local attacker to cause the
kernel to crash.
CVE-2005-1763
A buffer...
2.6.8-16sarge12.6.8-16sarge12.6.8-6sarge12.6.8-16sarge12.6.8-14sarge12.6.8-4sarge12.6.8-5sarge12.6.8-15sarge12.6.8-12sarge12.6.8-16sarge1