Pardus alert 2010-64 (kernel)

From:  Eren Turkay <eren@pardus.org.tr>
To:  pardus-security@pardus.org.tr
Subject:  [Pardus-security] [PLSA 2010-64] Kernel: Multiple Vulnerabilities
Date:  Fri, 4 Jun 2010 11:06:04 +0300 (EEST)
Message-ID:  <20100604080604.66931A7AB5D@lider.pardus.org.tr>

------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-64            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-06-04
  Severity: 3
      Type: Local
------------------------------------------------------------------------

Summary
=======

Multiple vulnerabilities have been fixed in kernel.

Description
===========

CVE-2010-0622:

The wake_futex_pi function in kernel/futex.c in the Linux kernel before
2.6.33-rc7 does not properly handle certain unlock operations for a
Priority Inheritance (PI) futex, which allows local users to cause a
denial of service (OOPS) and possibly have unspecified other impact via
vectors involving modification of the futex value from user space.

CVE-2010-1086:

The ULE decapsulation functionality in
drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33
and earlier allows attackers to cause a denial of service (infinite
loop) via a crafted MPEG2-TS frame, related to an invalid Payload
Pointer ULE.

CVE-2010-1162:

The release_one_tty function in drivers/char/tty_io.c in the Linux
kernel before 2.6.34-rc4 omits certain required calls to the put_pid
function, which has unspecified impact and local attack vectors.

CVE-2010-1437:

Race condition in the find_keyring_by_name function in
security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier
allows local users to cause a denial of service (memory corruption and
system crash) or possibly have unspecified other impact via keyctl
session commands that trigger access to a dead keyring that is
undergoing deletion by the key_cleanup function.

CVE-2010-1173:

The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the
Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote
attackers to cause a denial of service (system crash) via an
SCTPChunkInit packet containing multiple invalid parameters that require
a large amount of error data.

Affected packages:

  Pardus 2009:
    kernel, all before 2.6.31.13-131-45

Resolution
==========

There are update(s) for kernel. You can update them via Package Manager
or with a single command from console:

    pisi up kernel

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=12311
  * http://bugs.pardus.org.tr/show_bug.cgi?id=12628
  * http://bugs.pardus.org.tr/show_bug.cgi?id=12774
  * http://bugs.pardus.org.tr/show_bug.cgi?id=12915
  * http://bugs.pardus.org.tr/show_bug.cgi?id=12911

------------------------------------------------------------------------

_______________________________________________
Pardus-security mailing list
Pardus-security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security


Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds