LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: multiple vulnerabilities

Package(s):kernel, linux, linux-source-2.6.15 CVE #(s):CVE-2009-2287 CVE-2009-2406 CVE-2009-2407
Created:July 28, 2009 Updated:February 18, 2011
Description: From the Ubuntu advisory:

Matt T. Yourst discovered that KVM did not correctly validate the page table root. A local attacker could exploit this to crash the system, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2009-2287)

Ramon de Carvalho Valle discovered that eCryptfs did not correctly validate certain buffer sizes. A local attacker could create specially crafted eCryptfs files to crash the system or gain elevated privileges. Ubuntu 6.06 was not affected. (CVE-2009-2406, CVE-2009-2407)

Alerts:
Mandriva MDVSA-2011:029 2011-02-17
Mandriva MDVSA-2010:188 2010-09-23
Mandriva MDVSA-2010:198 2010-10-07
SuSE SUSE-SR:2009:015 2009-09-15
Fedora FEDORA-2009-9044 2009-08-27
SuSE SUSE-SA:2009:045 2009-08-20
Fedora FEDORA-2009-8649 2009-08-15
Fedora FEDORA-2009-8647 2009-08-15
Fedora FEDORA-2009-8684 2009-08-17
Fedora FEDORA-2009-8144 2009-07-31
Fedora FEDORA-2009-8264 2009-08-04
CentOS CESA-2009:1193 2009-08-05
Red Hat RHSA-2009:1193-01 2009-08-04
Debian DSA-1846-1 2009-07-28
Debian DSA-1845-1 2009-06-28
Debian DSA-1844-1 2009-07-28
Ubuntu USN-807-1 2009-07-28
Mandriva MDVSA-2009:289 2009-10-27
Fedora FEDORA-2009-10165 2009-10-03
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds