LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2010-2478 CVE-2010-2495
Created:July 9, 2010 Updated:March 28, 2011
Description: From the Red Hat bugzilla:

On a 32-bit machine, info.rule_cnt >= 0x40000000 leads to integer overflow and the buffer may be smaller than needed. Since ETHTOOL_GRXCLSRLALL is unprivileged, this can presumably be used for at least denial of service. (CVE-2010-2478)

From the Red Hat bugzilla:

When transmitting L2TP frames, we derive the outgoing interface's UDP checksum hardware assist capabilities from the tunnel dst dev. This can sometimes be NULL, especially when routing protocols are used and routing changes occur. This patch just checks for NULL dst or dev pointers when checking for netdev hardware assist features. (CVE-2010-2495)

Alerts:
Ubuntu USN-1093-1 2011-03-25
Ubuntu USN-1083-1 2011-03-03
Ubuntu USN-1074-2 2011-02-28
Ubuntu USN-1074-1 2011-02-25
Fedora FEDORA-2010-18983 2010-12-17
openSUSE openSUSE-SU-2010:0664-1 2010-09-23
SUSE SUSE-SA:2010:040 2010-09-13
Fedora FEDORA-2010-14235 2010-09-08
Ubuntu USN-1000-1 2010-10-19
Pardus 2010-112 2010-08-12
SUSE SUSE-SA:2010:033 2010-08-02
Fedora FEDORA-2010-10880 2010-07-07
Fedora FEDORA-2010-10876 2010-07-07
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds